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IBM,  Microsoft,  Novell,  SCO  and  Red  Hat  get  ready  to  rumble  at  Network  World’s 
Network  Operating  Systems  Showdown  at  ComNet  2000  later  this  month.  Page  17. 


CISCO  RECALL 


Thousands  of  Catalyst  5000 
switch  modules  recalled.  Page  6. 
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BY  JEFF  CARUSO 

Some  days,  you  probably  get  a  bit  fed  up  with 
your  network  and  just  feel  like  scrapping  it 
and  starting  over. 

Well,  what  if  you  could?  What  would  your 
brand-new  campus  network  look  like? 

Some  companies  actually  get  that  opportunity, 
be  they  start-ups  building  new  infrastructures  or 
established  companies  wiring  new  buildings. 

Often  these  networks  follow  a  distinct  pattern, 
With  no  legacy  equipment  to  consider,  executives 
opt  for  both  hot:  technologies  such  as  Layer  3 
switching  and  evergreens  such  as  IP  and 
Ethernet.  Today's  recipe  for  a  new  network  instal¬ 
lation  looks  something  like  this; 


Banyan  s  David  Orifice  says  his 
company  is  "wiring  for  growth." 


See  From  scratch,  page  61 


Win  2000  VPN  technology  causes  stir 


BY  ELLEN  MESSMER 

REDMOND,  WASH.  — 
When  it  ships  next  month, 
Microsoft’s  Windows  2000  will 
come  with  technology  for  set¬ 
ting  up  an  IP  Security-based 
virtual  private  network  (VPN). 
The  question  is:  Will  estab¬ 
lished  VPN  products  from 
other  vendors  work  with 
Microsoft’s  technology? 

It  appears  that  the  answer 
will  be  a  grudging  “yes.”  Many 
VPN  vendors  have  ardently 


opposed  Microsoft’s  imple¬ 
mentation,  complaining  it 
adds  data  overhead  and  slows 
down  transaction  processing. 
But  these  same  companies, 
such  as  Check  Point  Software 
and  Newbridge  Networks, 
acknowledge  that  they  can’t 
afford  to  ignore  that  hundreds 
of  thousands  of  desktops  will 
probably  end  up  running 
Microsoft’s  new  software. 

Microsoft’s  IPSec  “flavor,” 
jointly  developed  with  Cisco, 
See  IPSec,  page  14 
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REVIEW: 
Win  2000 


Our  hands-on 
testing  shows 
Microsoft's  NOS 
is  more  stable, 
better  performing 
and  easier  to 
manage.  Page  20. 


The  network  portal:  www.nwfusion.com 

Voice  over  IP 
gathers  steam 


Carriers  prepping  integrated  voice/data  services. 


BY  DENISE 
PAPPALARDO  AND 
TIM  GREENE 

Fueled  by  a  group  of  tradi¬ 
tional  telecommunications  ser¬ 
vice  providers,  voice-over-IP  ser¬ 
vices  are  expected  to  become 
more  prevalent  within  the  next 
18  months. 

AT&T,  MCI  WorldCom,  Bell 
Atlantic,  SBC  Communications 
and  BellSouth  are  busy  setting 
up  packetized  voice  trials  and 
planning  new  integrated  voice 
and  data  services  for  business 
and  residential  users. 

To  prepare  for  this  change, 
International  Data  Corp.  (IDQ,  a 
market  research  firm  in  Framing¬ 


ham,  Mass.,  expects  service 
providers  around  the  world  to 
spend  nearly  $1  billion 
See  VoIP,  page  1 6 


www.nwfusion.com 


OVER  THE 

IP  AIRWAVES 


White  paper:  Sending  voice 
over  IP. 


Feature:  Voice-over-IP 
reality  check. 


Papows  out  at  Lotus; 
IBM  vet  to  take  control 


BY  JOHN  FONTANA 
AND  MARC  SONGINI 

The  sudden  resigna¬ 
tion  of  Lotus  CEO  Jeff 
Papows  last  week  is 
setting  some  enter¬ 
prise  customers  on 
edge,  while  others 
say  the  move  will 
bring  a  renewed  focus  to 
the  company. 

Papows’  resignation,  effec¬ 
tive  Feb.  1,  comes  within  a 
year  of  a  host  of  scathing  press 


reports  about  his  character 
and  the  filing  of  a  sexual  dis¬ 
crimination  lawsuit  by  a  for¬ 
mer  employee.  Papows, 
45,  will  be  replaced  by 
23-year  IBM  veteran 
A1  Zollar,  who  was 
general  manager  of 
the  company’s  now- 
defunct  Network 
Computing  Software 
Division. 

Reaction  from  customers 
and  business  partners  ranged 
See  Papows,  page  12 
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Solutions 


Stop.  Before  you  take  another 


step,  wouldn't  you  like  to  know 


what  allows  the  sure-footed 


e-commerce  leaders  to  keep 


growing?  A  rock-solid  IT  infra¬ 


structure  built  on  Hitachi  Data 


Systems?  Since  1973  (an  eternity 


in  Internet  years),  we've  been 


delivering  systems  that  provide 


mission-critical  reliability,  avail¬ 


ability,  and  scalability  —  qualities 


no  company  can  live  without  in 


the  age  of  the  Internet. 


Want  to  learn  more  about 


the  hardware  and  solutions  on 


which  the  e-commerce  leaders 


rely?  Just  visit  our  Web  site.  Or 


call  1-888-387-5315. 


www.hds.com  ] 
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Built  for  fast  times  "  -  .-''j' '  • 


resenting  The  Industry  s 
Inly  Complete  Desktop 
Management  Solution. 


Centralized  Security  Management 
Integrated  Encryption 
Centralized  User  Administration 

SECURITY  MANAGEMENT 

Virus  Protection 

Firewall  With  Authentication 
Single  Sign-On'“ 


Web  Management™ 

Backup/Disaster  Recovery  Database  Management 

Monitoring  SERVER  MANAGEMENT 

Application  Management 


Network  Management 


Software  Metering/Auditing 
Software  Maintenance 

ASSET  MANAGEMENT 

Y2K  Compliance  Check 

Hardware  Inventory 
Configuration  Management 
Financial  Tracking 


Hands-Free  OS  Installation 
Broadcasting  Push/Pull 

Event  Monitoring  And  Automation 

SOFTWARE  DISTRIBUTION 

Roaming  Users  Support 
Dynamic  Groups 

/V-Tiered  Distribution 

Secure  Data  Transport  System 


EnterpriseDiscovery™ 

Event  Management/Correlation 
Problem  Management 
Predictive  Management 

ENTERPRISE  MANAGEMENT 

Real  World  Interface™ 

Business  Process  Views™ 
Workload  Management 


Windows  98,  95,  3.1 ,  CE  UNIX 

LANs,  WANs,  And  Internet 

EXTENSIVE  PLATFORM 
COVERAGE 


TCP/IP,  IPX,  DECnet,  SNA 
NetWare 


OS/390 


Multi-Processor  Support  Stealth  Viewing 
Session  Recording  File-Transfer  With  Crash  Recovery 

REMOTE  CONTROL  Integrated  NT  Security 

Remote  Reboot 


Remote  Access 


(Computer® 

Associates 

Software  superior  by  design. 


Yes,  all  of  these  features  and  functions  can  be  found  in  one 
solution:  And  you  can  find  out  more  by  making  one  phone 
call.  Call  today  and  find  out  how  the  industry  standard  for 
network  and  systems  management  can  help  you  get  all  of 
your  desktops  under  control. 


For  more  information,  call  1-888-864-2368, 
or  visit  www.cai.com/ads/desktopmgmt 


Unice  nter  TkG 


■  ■  /'r  Computer  Associates  International.  Inc.,  Islandia,  NY  11788-7000.  All  product  names  referenced  herein  are  trademarks  of  their  respective  companies. 


THIS  WEEK 
ONLINE 


Water  Cooler.  So 

what  do  Novell, 
Oracle,  Amdahl  and 
every  other  vendor 
have  in  common? 
They've  all  developed  a  strategy 
to  become  your  application  ser¬ 
vice  provider  (ASP).  But  if  every¬ 
one  is  an  ASP,  then  how  do  the 
vendors  differentiate  themselves? 
More  importantly,  how  are  net¬ 
work  executives  expected  to  tell 
the  players  without  a  scorecard? 
Features  Editor  Neal  Weinberg 
lets  you  know  in  this  week's 
Water  Cooler.  DocFinder:  6344. 

Post  Y2K.  Lots  of  companies  are 
staring  at  their  empty  IS  wallets, 
but  who's  to  blame?  IS  depart¬ 
ments  would  argue  the  upgrades 
were  a  long  time  coming.  But  to 
the  tune  of  $100  billion?  Find  out 
where  the  money  went  in  our  Y2K 
package.  DocFinder:  6340. 

Windows  2000.  What's  the  critical 
downfall  with  Microsoft's  new 
operating  system?  The  fact  that 
you  need  an  all-Windows  envi¬ 
ronment  to  get  the  most  bang  for 
your  buck.  "Enterprise  installa¬ 
tions  won't  reap  full  benefits  from 
server  upgrades  unless  they  also 
put  Windows  2000  on  all  their 
desktop  machines  because  the 
most  useful  features  of  Windows 
2000  server  editions  are  confined 
to  networks  that  are  homoge¬ 
neously  Windows  2000,"  says 
reviewer  Tom  Henderson. 
DocFinder:  6345. 

Powerometer.  How  does  AT&T 
compare  to  MCI  WorldCom  in 
terms  of  power?  AT&T  ranks 
fourth  on  our  list  of  most  powerful 
companies,  while  MCI  WorldCom 
ranks  10th.  Plug  in  your  favorite 
companies  to  find  out  how  they 
stack  up  against  each  other  in  our 
annual  Power  Issue.  DocFinder: 
6135. 

The  RFP  Zone.  Need  to  get 
answers  to  your  network  requests 
for  proposals  (RFP)?  From  site 
development  to  ISP  services  to 
multimedia  installments,  we've 
got  you  covered.  Just  head  online 
to  our  ITrfp  area  and  plug  in  your 
needs.  We've  got  the  top  vendors 
standing  by  to  give  you  quick 
responses.  DocFinder:  6346. 


ntents 


See  what  kind  of  qualities  Howard 
Schmidt  of  Microsoft  looks  for  in 
the  people  he  entrusts  to  network 
security.  Page  49, 
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Cisco  recalling  Catalyst  5000 
switch  cards. 

VeriSign  takes  the  pain  out  of 
digital  certificates. 
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tactics. 
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Security  staffing:  How  to  find  a 
competent  information  secur¬ 
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your  network  is  in  good  health. 


8 

10 

12 

14 


J.D.  Edwards  offering  ERP 
suite  as  hosted  apps. 

Y2K  efforts  have  long-term 
benefits. 

Lotus  hopes  to  soar  with 
Raven  software. 

Microsoft  and  Intel  shrink  the 
size  of  computers. 


INFRASTRUCTURE 


31 

31 

34 


Secure  extranet  is  just  what 
the  doctor  ordered. 

Mail.com  buys  e-mail  service 
firm  Lansoft. 

Scott  BradnerThe  importance 
of  being  a  dynamist. 


TECHNOLOGY 

UPDATE 


OPINIONS 


38 

39 


Editorial:  Hats  off  to  the  Y2K 
warriors. 

Joel  Snyder:  Reliability  — 
Something  you  build,  not 
buy. 


Linda  Musthaler:  fit  e-com- 
merce,  customer  service 
should  be  fundamental. 


17 

17 

20 


Fireworks  expected  at  NOS 
showdown. 

Novell  utility  eases  directory 
integration. 

NeiwaWM 

Review: Windows  2000: 

It’s  more  stable,  performs 
better  and  is  easier  to 
manage,  but  not  all  desktops 
are  welcome  to  this  party. 


Kevin  Tolly:  What’s  your 
bandwidth  budget? 


CARRIERS  &  ISPs 


25 

25 


ASPs  still  searching  for  the 
right  mix. 

Start-up  touts  low-cost  con¬ 
nections  over  optical  fiber. 
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ter  than  two. 

Gearhead:An  inside  look  at 
how  new  Web  apps  get  data 
from  forms. 
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IP  MULTICAST 
GROUNDED 

IP  Multicast  still  waiting  for  takeoff. 
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HOW  TO  CONTACT  US 

WRITE:  Network  World,  118  Turnpike  Road, 
Southborough,  MA  01772;  CALL:  (508)  460-3333; 
FAX:  (508)  490-6438;  E-MAIL:  nwnews@nww.com; 
CIRCULATION:  CALL:  (508)  490-6444; 

FAX:  (508)  490-6400;  E-MAIL:  nwcirc@nww.com; 
STAFF:  See  the  masthead  on  page  10  for  more 
contact  information.  REPRINTS:  (717)  399-1900 
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DIARY  OF  A  HACK  ATTACK 

Ever  wonder  how  a  hacker  would  go  about 
attacking  your  network?  We  tag  along  as  "Bob 

the  hacker"  sets  his  sights  on  an  e-business. 

Page  42. 
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FEATURE:  The  top  10  TCP/IP  troubleshooting 

tools.  Page  44. 

REVIEW: 

HP's  ProCurve 
9304M  Gigabit 
Ethernet  switch  is 
a  packet-pushing 
powerhouse.  Page  45. 
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A  sad  note  was  struck  during 
the  holiday  season  for  one 
of  the  nation's  key  telecom 
user  groups.  Ellen  Van  Cleve, 

.  ■  first  vice  president  of  the 
r  Communications  Managers 
Association  (CMA),  died 
19  of  a  pulmonary  aneurysm.  She 
•  was 52  ...■  ‘  . 

[  :  '  A/an  Cleve,  who  was  director  of  data  communica- 
..  tions  for  ftie  Slew  York  Times,  was  to  have  become 
CMA's  president  this  month 
Colleagues  at  the  CMA,  which  principally  serves 
WAN  managers  in  large  organizations  based  in 
•V  the  Northeast, remembers  Van  Cleve  as  a  tireless 
/advocate  for  service  improvement  from  key  carriers 
:  in  the  region.  She  was  "extremely  influential"  in 
-grabbing  the  attention  of  major-carrier  executives 
;  to  hear  the  concerns  of  corporate  network  profes- 
-  sionals.  says  Andrew  Stratford,  CMA's  1999 
presjdent.  Yet  Van  Cleve  also  argued  against 
excessive  regulation,  and  often  said  regulators 
should  allow  Bell  Atlantic  into  long-distance  to 
give  users  a  new  networking  option.  That  view 
—  expressed  very  recently  in  these  pages  — 
turned  into  an  unfortunate  irony:  She  passed  away 
three  days  before  the  Federal  Communications 
Commission  approved  Bell  Atlantic’s  long-distance 
application  for  New  York.  The  CMA  is  considering 
establishing  a  scholarship  in  Van  Cleve's  name 
for  female  network  professionals. 


Wal-Mart  spins  off  a  dot-com 

Wal-Mart  won’t  be  just  your  neighbor¬ 
hood  retailing  behemoth  anymore.  The 
heaviest  of  the  brick-and-mortar  heavy¬ 
weights  last  week  announced  that  it  will 
create  a  Palo  Alto  independent  company  — 
Wal-Mart.com  —  in  order  to  speed  develop¬ 
ment  of  its  online  retail  site.  Venture  capital 
firm  Accel  Partners  will  join  with  Wal-Mart 
in  the  undertaking.TheWal-Mart.com  board 
will  include  Wal-Mart  Chairman  Rob  Walton; 
Lee  Scott,  vice-chairman  and  chief  operating 
officer  of  Wal-Mart;  and  James  Breyer,  man¬ 
aging  partner  of  Accel. 

Short-time  CEO  out  at  Baan 

Baan  CEO  Mary'  Coleman  resigned  last 
week  after  less  than  a  year  at  the  helm  of 
the  troubled  maker  of  enterprise  resource 
planning  software.  In  a  concurrent 
announcement,  Baan  reported  it  would 
close  14  branch  offices  and  reduce  its 
worldwide  work  force  by  about  4%  in  an 
attempt  to  reverse  the  company’s  recent 
misfortunes.  Baan  has  incurred  losses  over 
the  past  five  quarters,  amid  restructuring 
and  a  drop  in  revenue  for  its  core  ERP  busi¬ 
ness.  The  current  chairman  of  the  Baan 
supervisory  board,  Pierre  Everaert,  will 
sen  e  as  interim  CEO  while  the  search  for  a 
permanent  CEO  of  the  business  software 
maker  is  under  way,  Baan  said  in  its  state¬ 
ment.  Baan  has  headquarters  in  both  the 
Netherlands  and  Reston.Va. 


Nortel  buys  DSL  switch  vendor 

Nortel  Networks  plans  to  buy  digital  sub¬ 
scriber  line  (DSL)  switch  specialist  Pro- 
matory  Communications  for  $778  million  in 
stock.  By  snapping  up  Promatory,  Nortel 
gains  access  to  Promatory’s  ATM-based 
Intelligent  Multi-service  Access  Switch 
(IMAS)  edge  switch. This  device  takes  in  traf¬ 
fic  in  a  number  of  DSL  flavors  and  sorts  cus¬ 
tomer  traffic  to  ensure  various  levels  of  ser¬ 
vice  quality.  Quality  of  service  is  a  must  for 
transmitting  voice-over-  DSL  lines  to  avoid 
gaps  and  delays  in  voice  transmissions.  In 
addition,  carriers  can  use  the  IMAS  to  offer 
different  levels  of  service  quality  at  different 
prices.  So  a  customer  who  uses  a  DSL  line  for 
e-mail  and  Web  surfing  could  buy  a  less- 
expensive,  lower-quality  connection  than 
someone  using  a  DSL  link  to  tie  into  a  cor¬ 
porate  network  for  business  reasons.  In 
combination  with  Nortel’s  cable  modem 
and  wireless  access  gear,  the  Promatory  deal 
will  round  out  the  company’s  broadband 
access  offerings  for  residences  and  small 
businesses. 

Security  start-up  includes  'Mudge' 

A  Cambridge,  Mass.-based  security  start-up 
that  debuted  last  week  will  feature  the  leader 
of  a  renowned  hacker  group  as  vice  presi¬ 
dent  of  research  and  development.  Backed 
by  $10  million  in  capital  from  Battery 
Ventures,  @Stake,  Inc.  will  lean  on  the  exper¬ 
tise  of  a  hacker  organization  called  the  LOpht 
and  its  well-known  front  man,  who  goes  by 
the  moniker  Mudge.  The  new  company’s 
chief  technology^  officer  will  be  Daniel  Geer, 
former  vice  president  and  senior  strategist  at 
CertCo  and  director  of  engineering  at  Open 
Market.  @Stake  promises  to  provide  “non-tra- 
ditional,  e-commerce-age  security  solutions.” 

Shopping  for  a  NOS? 

Network  World  is  offer¬ 
ing  a  hands-on  compara¬ 
tive  look  at  Microsoft 
Windows  2000,  Novell 
NetWare  5.1,  Red  Hat 
Linux  6.1  and  The  Santa 
Cruz  Operation’s 

UnixWare  7.1.1  to  all 
ComNet  2000  trade  show 
attendees  in  Network 
Operating  Systems  Showdown  Lab.  The  lab 
will  be  located  in  the  main  lobby  of 
Washington,  D.C.’s  Renaissance  Hotel  and 
be  open  Jan.  25  to  27.  Attendees  will  get  a 
customized  view  of  how  these  NOSes 
stack  up  against  each  other.  Attendees  also 
will  be  able  to  pick  the  brains  of  the  engi¬ 
neers  from  Centennial  Networking  Labs  at 
North  Carolina  State  University,  the 
Network  World  Test  Alliance  partner  that 
conducted  this  first  public  showdown 
between  Windows  2000  and  its  competi¬ 
tion  in  the  NOS  arena. 


NetwoikWortd 


LAB 


Hands-On  Testing 


Cisco  recalling 
Catalyst  5000  cards 


BY  JIM  DUFFY 

SAN  JOSE  —  Cisco  is  recall¬ 
ing  some  lOBase-T  Ethernet 
switching  modules  for  its 
Catalyst  5000  LAN  switches 
because  the  boards  can  short 
out  and  disable  networks. 

The  company  is  recalling 
about  11,000  —  or  15%  —  of 
the  75,000  48-port  lOBase-T 
Ethernet  boards  currently 
installed  in  enterprise  net- 
works.These  modules  fall  with¬ 
in  a  serial  number  range  that 
Cisco  has  identified  as  poten¬ 
tially  defective  (see  graphic). 

Fourteen  of  these  boards 
have  already  shorted  out,  a 
Cisco  spokesman  says. 

The  shorting  has  been  iso¬ 
lated  to  a  copper  defect  in  the 
module’s  printed  circuit  board. 
The  short  can  cause  the  module 
to  fail  and  likely  disrupt  the 
operation  of  the  switch  in 
which  it  is  installed,  according 
to  a  Cisco  field  notice  on  Cisco’s 
Web  site  (www.cisco.com/ 
warp/public/770/fn91 5  1_ 
12081999.  shtml). 

The  short  will  cause  the 
switch’s  power  supplies  to  go 
into  overcurrent  shutdown, 
thereby  cutting  off  power  to 
the  switch,  the  field  notice 
states.The  short  creates  smoke, 
but  no  fire  or  sparks. The  failure 
may  also  cause  damage  to  the 
switch  backplane,  rendering 
the  switch  inoperable. 

Cisco  is  urging  customers  to 
replace  affected  boards  with 
48-port  lOBase-T  switching 
modules  that  do  not  fall  within 
the  serial  number  range  associ¬ 
ated  with  the  recalled  mod¬ 
ules.  Should  a  short  occur, 
Cisco  is  urging  customers  to 
replace  the  entire  switch  in 
which  the  affected  module 
resides.  Cisco  is  offering  free 
replacement  hardware  and 
software,  the  spokesman  says. 

Cisco  customer  PeopIeSoft 
is  using  the  potentially  defec¬ 
tive  modules  but  so  far  has  not 
been  affected  by  the  short.The 
company  plans  to  replace  the 
modules  with  other  48-port 
lOBase-T  boards  as  part  of  an 
overall  network  upgrade  pro¬ 
gram,  says  Stan  Christensen, 
senior  network  engineer  at 
the  Pleasanton,  Calif.,  software 


Cisco  module  recall 

Cisco  will  replace  for  free 
its  defective  lOBase-T 
Ethernet  switching  modules 
for  the  Catalyst  5000.  The 
company  has  identified 
modules  with  the  following 
serial  numbers  as  faulty: 

•  9194340  —  9194344 

•  9209350  —  9209999 

•  9210000  —  9214338 

•  9301601  —9302230 

•  9880340  —  9883950 

•  10120340  —  10125399 

•  10172043  —  10175339 

•  10290340  —  10295339 


•  10510340  —  10515339 


company.  “Were  upgrading 
some  of  our  older  cards  so 
we  decided  to  go  ahead  and 
evaluate  how  many  [defective 
modules]  are  out  there  and 
just  go  ahead  and  swap  them 
out,”  Christensen  says.  “We’ve 
not  been  impacted  at  all,  and 
we  actually  have  a  pretty 
decent  number  of  those 
cards.” 

Reports  surfaced  last  week 
that  Cisco  fired  the  contract 
manufacturer  of  the  lOBase-T 
modules.  But  a  company 
spokesman  denies  that. 

“We  didn’t  fire  them;  we 
took  them  off  the  certified  list 
and  are  working  with  them  to 
get  them  recertified,”  the 
spokesman  says.  He  declined  to 
name  the  manufacturer,  which 
was  recertified  late  last  week. 

The  spokesman  says  the 
recall  will  not  materially 
affect  Cisco’s  earnings  for  the 
second  quarter  of  fiscal  2000. 
He  declined  to  state  how 
much  the  episode  will  cost 
the  company. 

“It’s  insignificant  enough 
that  it’s  not  going  to  be  a 
reported  item,”  he  says.  B 
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AN  ALTERNATE  WAY  TO  COMMUNICATE 
WHEN  YOUR  INTERNET  SERVICE  WON'T. 
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1  certificates 

Go  Secure  service  automates  digital  certificate  enrollment  and  registration  to  verify  Check  Point  VPN  users. 


BY  TIM  GREENE 

MOUNTAIN  VIEW,  CALIF.  — 
VeriSign  thinks  it  should  be 
easier  to  use  digital  certificates 
to  verify  virtual  private  net¬ 
work  (VPN)  users,  so  the  com¬ 
pany  is  simplifying  the 
process. 

Rather  than  using  a  cum¬ 
bersome  manual  procedure 
to  enroll  in  VeriSign’s  certifi¬ 
cate  authority  service,  users 
of  the  company’s  new  auto¬ 
mated  service  will  be  able  to 
simply  integrate  VeriSign  cer¬ 
tificates  and  encryption  keys 
with  VPN  gear  made  by  other 
vendors. 

The  first  vendor  to  partner 
in  the  VeriSign  venture,  known 
as  Go  Secure,  is  Check  Point. 
VeriSign  plans  to  announce 
similar  relationships  with 
Nortel  Networks  and  other 
VTN  vendors  later  this  year. 

To  use  Go  Secure,  cus¬ 
tomers  must  first  buy  a  Check 
Point  VPN-1  firewall  or 
SecureRemote  VPN  software. 
Neither  of  those  products 
comes  with  digital  certificates. 

In  the  past,  customers  could 


buy  a  VeriSign  service  called 
On-Site  to  get  digital  certifi¬ 
cates,  but  they  had  to  config¬ 
ure  their  VPN  clients  manually. 

This  task  is  so  complicated 
that  it  requires  an  IS  staff 
member  to  register  each  end- 
user  machine,  says  James 
Mascaro,  network  architect  for 
Xcelerate,  an  e-business  con¬ 
sultancy  in  Fort  Lauderdale, 
Fla. 

“It’s  a  rather  lengthy  and 
easily  messed-up  process,” 
Mascaro  says. 

“As  soon  as  you  get  a  large 
number  of  users,  distributing 
certificates  becomes  unman¬ 
ageable,”  says  Steve  Harris,  an 
analyst  with  International  Data 
Corp.  in  New  York. 

With  the  Go  Secure  service 
for  Check  Point  products, 
rather  than  going  through  a 
complex  string  of  download¬ 
ing  files  and  importing  them 
into  Check  Point  VPN  soft¬ 
ware,  end  users  log  on  to  a  Web 
site  and  click  twice.  They  can 
then  use  a  VeriSign  certificate 
to  authenticate  themselves  for 
the  purpose  of  exchanging 
encryption  keys  used  to  secure 


Internet  connections. 

For  Check  Point,  Go  Secure 
automates  interactions  be¬ 
tween  an  end  user’s  Web 
browser  and  a  Check  Point 
client  to  install  certificates. 
With  Go  Secure  for  other  ven¬ 
dors,  automation  of  the 
VeriSign  enrollment  will  take 
place  within  the  VPN  client 
software  itself. 

Without  the  automated 
process,  Check  Point  end 
users  would  have  to  pick  up 


certificates  from  a  VeriSign 
Web  site  and  install  them  in 
their  browsers.  Then  users 
would  export  them  to  their 
hard  drives  and  import  them 
into  their  Check  Point  clients. 

“It’s  ugly,”  says  Marshall 
Behling, VeriSign’s  strategic  bu¬ 
siness  development  manager. 

With  Go  Secure,  network 
administrators  have  some  work 
to  do  before  end  users  can  use 
the  automated  enrollment.  First 
they  must  upload  a  list  of 


J.D.  Edwards  offering  ERP  suite  as  hosted  apps 


BY  ELLEN  MESSMER 

DENVER  —  J.D.  Edwards  & 
Company  last  week  began 
offering  its  enterprise  re¬ 
source  planning  suite  as  a 
hosted  online  application 
through  UUNET,  MCI  World- 


Corn’s  Internet  division. 

Todd  Huebsch,  J.D.  Ed¬ 
wards’  director  of  business 
development,  says  the  ERP 
firm  is  teaming  with  Deloitte 
Touche  to  help  business  cus¬ 
tomers  set  up  J.D.  Edwards’ 
OneWorld  applications  for 


access  over  public  or  private 
networks. 

The  six  OneWorld  applica¬ 
tions  include  financial  report¬ 
ing,  manufacturing  and  project 
management.  Pricing  on  the 
hosted  version  is  determined 
on  a  case-by-case  basis,  and 
Huebsch  declined  to  detail  the 
savings  a  company  might 
expect  from  choosing  that 
route  instead  of  buying. 

Two  years  ago,  J.D.  Edwards 
worked  out  agreements  with  a 
handful  of  business  partners, 
including  IBM  Global  Services 
and  Aristisoft,  to  let  them  pro¬ 
vide  the  OneWorld  suite  as 
application  service  providers 
(ASP).  Now  J.D.  Edwards  is  get¬ 
ting  into  the  hosted  applica¬ 
tion  business  because  of  pre¬ 
dictions  that  the  market  will 
grow  dramatically. 

One  company  adopting  the 
ASP  way  of  life  is  Spyder 
Active  Sports,  a  Boulder, 


Colo.,  maker  of  ski  and  sports 
apparel.  Spyder  calculates 
that  it  saves  between  $30,000 
and  $60,000  per  year  by  out¬ 
sourcing  to  Prentice,  an  ASP 
in  Denver  and  a  J.D.  Edwards 
partner. 

Kevin  Smith,  Spyder’s  IS 
manager,  says  the  firm  was 
careful  in  crafting  a  common 
understanding  with  Prentice 
about  guaranteed  uptime  and 
that  the  company  retains  full 
control  of  its  OneWorld  data 
housed  in  Prentice’s  facility. 

“In  our  contract,  there’s 
wording  that  says  under  no 
circumstances  can  they  hold 
our  data  during  any  dispute,” 
Smith  notes.  He  adds  that 
Spyder’s  employees  are  going 
to  access  the  hosted  financial 
application  through  a  private 
T-l  line  and  the  public 
Internet. 

J.D.  Edwards:  www.jded 
wards.com 


OneWorld,  many  functions 

Descriptions  of  suites  and  their  applications  in  J.D.  Edwards 
OneWorld: 

■ .  • 

Application  suite 

Features  and  applications 

Foundation  Suite 

Address  book,  financial  analysis  spreadsheet  and 
computer-assisted  design. 

Financial  Suite 

Accounts  receivable/payable  and  general  ledger. 

Distribution  Suite 

Equipment,  inventory  and  transportation  management, 
facility  planning. 

Manufacturing  Suite 

Product  data  and  configuration  management. 

Project  Management 

*  Suite 

- - -  - 

0  Human  Resources 
-^Management  Suite 

Property  management,  order  processing,  inventory 
management  and  contract  billing. 

Human  resources  time  accounting. 

iroll  Suite 

Payroll  time  accounting. 

fe. 

authorized  users,  and  each  one 
is  assigned  a  passcode  by 
VeriSign.  The  lists  can  be  inte¬ 
grated  with  existing  firewall 
user  databases  or  Lightweight 
Directory  Access  Protocol  files. 

Administrators  then  distrib¬ 
ute  the  passcodes  securely  and 
tell  end  users  to  pick  up  their 
certificates  at  a  secure  VeriSign 
Web  page. 

Go  Secure  for  Check  Point 
costs  $35,000  for  up  to  500 
users  or  $60,000  for  1,000 
users.  It  will  be  available  in 
February. 

Go  Secure  for  Nortel 
Contivity  products  is  sched¬ 
uled  for  release  this  spring,  but 
no  other  details  were  avail¬ 
able.  Go  Secure  for  other  ven¬ 
dors’  products  is  scheduled  for 
later  this  year. 

VeriSign:  www.verisign.com 


Net  Know-It-All 


For  the  answer  to  this  week's  question  and 
more  net  trivia,  visit  Network  World 

Fusion  and  enter  2349  in  the  DocFinder  box. 


This  week's  question: 


What  Linux  vendor 
was  originally  known 
as  Gesellschaft 
fur  Software  und 
Systementwicklung 
mbH? 


www.nwfusion.com 


Getting  certified 


Users  of  Check  Point  VPN  gear  can  now  buy  public-key  infrastructure  services  featuring  streamlined 
digital  certificate  distribution,  compliments  of  VeriSign. 


Network  administrator 


©  A  network  administrator 
uploads  a  list  of  author¬ 
ized  users  to  VeriSign’s 
certificate  authority, 
which  assigns  each  a 
passcode.  The  admini¬ 
strator  distributes  the 
passcodes  securely  to 
remote  users. 


Authorized 
user  list 


©  A  network  administrator 
updates  the  firewall 
about  authorized 
certificate  users. 


©  End  users  log  on  to  a  VeriSign  site  to 
download  a  certificate  and  encryption 
key  pair  to  establish  a  VPN  tunnel. 


«■ 


Internet 


Router 


“t." 

Remote  users 
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A  mother-to-be  in  Brussels. 
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A  grandmother-to-be  in  Beijing.  if 

T,  tf'i 

Thousands  of  miles  separate  them- 

An  optical  internet  carrying  live  video  of  this  miracle  connects  them. 

*  -  b  '  . 

It’s  the  kind  of  magical  moment  the  next  generation  network  from  Marconi  can  deliver. 

A  faster,  more  reliable  optical  internet  with  the  bandwidth  to  bring  more  possibilities  into  the  world. 

.  '  .  '  ,  .  I 


With  this  kind  of  power  at  your  fingertips,  now’s  the  time  to  ask- 
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When  will  your 


finest  hour 


be? 


communications 


services 


systems 


News 


Y2K  efforts  have  long-term  benefits 

Network  upgrades,  accurate  inventories  and  streamlined  procedures  result  from  Y2K  preparation. 


BY  CAROLYN 
DUFFY  MARSAN 
AND  JOHN  COX 

Were  Y2K  remediation 
efforts  a  big  waste  of  time 
and  money  for  corporate 
America?  The  answer  looks  to 
be  a  resounding  no. 

Network  professionals  re¬ 
port  a  host  of 
benefits  they  will 
enjoy  in  2000  and 
beyond  because 
of  IT  inventories, 
business  analysis 
and  system  test¬ 
ing  completed 
under  the  um¬ 
brella  ofY2K  pre¬ 
paredness. 

Overall,  the  U.S. 
spent  more  than 
$100  billion  fixing 
the  Y2K  problem 
since  1995,  ac¬ 
cording  to  John 
Koskinen,  the  fed¬ 
eral  government’s 
Y2K  czar.  He  esti¬ 
mates  that  the  rest 
of  the  world  spent 
an  additional 
$100  billion  to 
repair  and  replace 
computer  systems 
and  networks  in 
preparation  for 
the  millennium 
date  change. 

The  invest¬ 
ments  appear  to 
have  been  wise.  While  many 
government  agencies  and 
companies  experienced  minor 
Y2K-related  glitches,  no  signif¬ 
icant  system  outages  occurred 
over  New  Year’s  weekend.  And 
although  it’s  too  early  to 
declare  victory  over  Y2K,  date- 
change  problems  expected 
during  the  next  few  weeks 
and  months  will  likely  be  nui¬ 
sances  rather  than  business¬ 
crippling  matters. 

Lesson  learned 

As  IT  executives  close  up 
their  command  centers, 
they’re  putting  together  the 
lessons  they’ve  learned  from 
the  Y2K  drill.  They  say  one  of 
the  biggest  advantages  is  Y2K 
forced  them  to  thoroughly 
inventory  and  document  IT 
systems  and  networks. 


“We  were  able  to  conduct  a 
very  intensive  inventory  of  all 
our  systems,”  says  Lyn 
McDermid,  chief  information 
officer  of  Virginia  Power  in 
Richmond,  Va.  “As  a  result  of 
that,  we’ve  eliminated  quite  a 
few  redundant  applications, 
and  we  eliminated  systems 
that  were  obsolete.  That 


Y2K  spending:  Worth  the  price 

Many  network  professionals  are  saying 
that  money  spent  in  preparation  for  Y2K 
not  only  made  their  systems  compliant, 
but  also  more  efficient  overall. 


U.S.  spending  on  Y2K 

(in  billions) 


1998 


1999  2000 


2001 


Total  worldwide  Y2K  spending 


Asia:  $62 


Total:  $319 


U.S.:  $134 


Rest  of 
world:  $19 


Note:  Figures  are  estimates 

SOURCE:  INTERNATIONAL  DATA  C0RP., 


Western 
Europe:  $104 

FRAMINGHAM,  MASS. 


should  reduce  our  support 
costs. 

“We  were  also  able  to  intro¬ 
duce  some  new  technology 
and  jump-start  our  Web  devel¬ 
opment,”  McDermid  adds.  “We 
feel  that  we  really  did  get  ancil¬ 
lary  benefits  fromY2K.” 

Similarly,  Prudential  Insu¬ 
rance  created  strategic  inven¬ 
tories  of  its  software,  hard¬ 
ware  and  business  partners. 
Irene  Dec,  Prudential’s  Y2K 
program  manager,  says  these 
inventories  will  allow  the 
financial  services  giant,  head¬ 
quartered  in  Newark,  N.J.,  to 
move  faster  in  adopting  com¬ 
puting  standards,  which  will 
in  turn  simplify  software 
development,  management 
and  maintenance. 

“Our  senior  IS  management 
now  can  get  a  complete  view 


of  our  current  computing 
environment  and  our  software 
development,”  Dec  says.  “So 
they  can  accurately  plan  how 
to  move  forward  with 
changes.” 

These  inventories  are  espe¬ 
cially  valuable  for  corporate 
networks,  which  tend  to  grow 
like  kudzu. 

“Corporate  networks  were 
all  looked  at  very  carefully  and 
cleaned  up,”  says  Tom  Oleson, 
research  director  and  IT  advi¬ 
sor  at  International  Data 
Corp.,  a  market  research  firm 
in  Framingham,  Mass.  “This 
will  make  it  easier  for  compa¬ 
nies  to  move  onto  the  Internet 
and  create  e-commerce-type 
activities.” 

Planning  ahead 

Another  positive  outcome 
ofY2K  is  that  companies  have 
analyzed  and  prioritized  their 
business  systems  and  created 
disaster-recovery  plans. 

“Y2K  opened  up  a  lot  of 
eyes  as  to  how  large  our  net¬ 
work  is  and  that  it  provides  a 
lot  of  functionality,”  says  Mike 
Green,  a  senior  messaging 
analyst  with  Thomson  Finan¬ 
cial  in  Boston. “We  had  to  con¬ 
sider  what  we  would  do  if 
everything  fell  on  its  face.  It 
forced  us  to  consider  our  poli¬ 
cies,  procedures  and  docu¬ 
mentation.” 

Thomson  considered  disas¬ 
ter  recovery  when  it  recently 
migrated  to  a  Microsoft 
Exchange  system  with  distrib¬ 
uted  management  capabilities. 
“We  structured  it  in  such  a 
way  that  any  one  of  our  major 
sites  can  run  the  whole  show,” 
Green  explains.  “If  we  get  a 
snowstorm  like  the  Blizzard  of 
’78,  folks  in  the  U.K.  or 
Australia  could  get  into  my 
environment  and  manage  it.” 

Another  benefit  of  the  Y2K 
experience  is  that  many  orga¬ 
nizations  tightened  up  their 
procedures  for  testing  applica¬ 
tions,  systems  and  interoper¬ 
ability.  This  should  allow  IT 
departments  to  deliver  higher- 
quality  software,  on  time  and 
at  lower  cost. 

“We’ve  put  in  place  better 
testing  processes  and  more 
independent  testing  and  verifi¬ 
cation  because  of  Y2K,”  says 


Bill  Robertson,  Year  2000  pro¬ 
gram  manager  at  the  American 
Red  Cross. 

Virginia  Power  will  now  get 
a  broader  view  of  its  systems 
thanks  to  the  Y2K  effort, 
according  to  McDermid. 

“We’ll  be  a  lot  more  tuned 
in  to  looking  at  the  overall 
impact  of  how  systems  inte¬ 
grate  with  each  other,” 
McDermid  says.  “We  always 
looked  at  systems  from  a  trans¬ 
action  perspective.  But 
because  our  environment  is  so 
highly  complex,  there’s  very 
little  in  one  application  that 
doesn’t  have  an  effect  some¬ 
where  else.” 

In  coordinatingY2K  remedi¬ 
ation  efforts,  IT  staffs  gained 
valuable  experience  with  pro¬ 
ject  management  tools  that 
will  be  put  to  use  in  the 
future. 

Prudential,  for  example,  cre¬ 
ated  a  special  council  to  docu¬ 
ment  best  practices  and  set 
standards  for  project  manage¬ 
ment  across  the  company. 
Virginia  Power  will  use  the 
same  project  management 
organization  from  its  Y2K 
effort  to  coordinate  a  merger 
with  Consolidated  Natural  Gas 
of  Pittsburgh  that  is  expected 
to  close  Jan.  28. 

The  Y2K  coordination 
efforts  have  led  to  better  work¬ 
ing  relationships  for  IT  depart¬ 
ments,  within  their  organiza¬ 
tions  and  with  suppliers  and 
partners. 

“One  of  the  benefits  of  the 
Y2K  experience  is  that  it 
helped  build  a  sense  of  team,” 
says  Robertson.  “We  had  the 
whole  organization  working 
on  this  issue,  not  just  the  IT 
shop.”  3 
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otus  hopes  to  soar  with 


BY  JOHN  FONTANA 

CAMBRIDGE,  MASS.  —  Since  Lotus 
has  already  let  plans  for  its  Raven  knowl¬ 
edge  management  suite  out  of  the  bag, 
the  company  will  use  its  annual  user 
conference  next  week  to  answer  ques¬ 
tions  as  to  whether  the  project  will  fly  in 
the  enterprise. 

Raven  is  the  code  name  for  a  collec¬ 
tion  of  technologies  Lotus  hopes  will 
make  it  easier  for  users  to  build  desktop 
portals,  and  organize  and  access  data. 
Raven  is  expected  to  be  a  major  topic 
during  Lotusphere  2000  in  Orlando. 
Lotus  also  is  expected  to  detail  support 
for  XML  throughout  Domino  and  tout 
offline  services  that  open  Domino  repli¬ 
cation  to  Web  browsers  and  other 
clients.  The  company  also  will  hype 
Domino  R5,  which  enterprise  customers 
have  been  slow  to  adopt. 

But  Raven  is  key  as  Lotus  pushes  col¬ 
laboration  beyond  shared  calendaring 
and  threaded  discussions.  Raven  com¬ 


bines  a  data  store  based  on  IBM’s  DB2 
with  sophisticated  indexing,  searching, 
instant  messaging  capabilities  and  a 
desktop  interface  with  such  services  as 
e-mail,  discussion  groups  and  data  repos¬ 
itories.  Raven  is  designed  to  help  users 
locate  data,  find  users  who  have  exper¬ 
tise  with  that  data  and  contact  those 
users  instantly.  Microsoft  is  countering 
with  its  Digital  Dashboard,  a  customiz¬ 
able  desktop  portal,  and  a  set  of  search 
and  index  tools  code-named  Tahoe. 

The  intent  of  both  vendors  is  to 
allow  enterprise  users  to  mine  data 
from  the  mountain  of  electronic  docu¬ 
ments  stored  in  database,  e-mail  and  file 
systems. 

Lotus  provided  a  glimpse  of  Raven 
late  last  year  at  Lotusphere  Europe,  but 
many  users  and  analysts  say  they  saw 
nothing  more  than  a  concept. 

“Raven  is  easy  to  visualize,  but  I’m 
wondering  what  pieces  of  it  will  actually 
work  for  us,”  says  Mike  DiNapoli,  knowl¬ 
edge  management  system  administrator 


Raven 

for  Keane,  Inc.,  an  IT  services  firm  in 
Boston.  The  company  uses  Domino  as 
the  foundation  of  an  internal  knowledge 
management  application  called  KMS 
and  is  hoping  Raven  will  eventually 
replace  Domino’s  weak  search  engine. 
“My  feel  is  that  Raven  is  a  component 
strategy,  and  we  ll  evaluate  those  com¬ 


ponents  and  see  what  we  can  use,” 
DiNapoli  says. 

While  Lotus  says  Raven  is  a  corner¬ 
stone  of  its  knowledge  management 
platform,  observers  say  the  company  has 
a  lot  of  work  to  do.  “Lotus  needs  to  pro¬ 
vide  examples  as  to  what  Raven  can  do,” 
says  Jon  Johnston,  a  senior  technology 
analyst  for  Creative  Business  Solutions,  a 
systems  integrator  in  Minneapolis. 

Raven  is  expected  to  go  into  beta  test¬ 
ing  this  quarter  and  ship  around 
midyear.  U 


Papows, 

continued  from  page  1 

from  gloom  about  the  future  of  Lotus 
to  relief  that  Papows’  present  trou¬ 
bles  are  now  behind  the  software 
maker. 

“I  am  not  optimistic.  IBM  is  send¬ 
ing  a  suit  to  the  top  of  Lotus,  and  that 
will  be  the  end  of  that,”  says  Scott 
Wenzel,  who  maintains  a  number  of 
unofficial  Lotus-related  Web  sites  and 
is  a  Notes  administra¬ 
tor  for  a  large  federal 
agency.  “The  Lotus 
culture  has  been 
grinding  against  IBM, 
and  Papows  was  the 
friction  point.” 

Papows  alluded  to 
this  in  his  internal 
memo  to  staff 
announcing  his  resig¬ 
nation,  saying:“I  would 
like  to  once  again  lead 
an  independent  orga¬ 
nization.” 

Bad  press  a  factor? 

IBM  and  Lotus  offi¬ 
cials  publicly  insisted 
that  Papows’  resigna¬ 
tion  was  unrelated  to 
the  negative  press  reports  and  harass¬ 
ment  allegations.  The  resignation 
comes  just  a  week  before  the 
Lotusphere  2000  customer  confer¬ 
ence,  which  Papows  will  attend. 

“The  powerhouse  of  Lotus  is  at  Iris 
[a  software  development  subsidiary], 
and  IBM  has  been  driving  the  overall 
company  for  years  now,”  says  Paul 
Meredith,  a  network  administrator  at 
Steelox  Systems  in  Mason,  Ohio.  “I’m 
not  sure  the  resignation  makes  that 
much  of  a  difference.” 

But  one  former  employee  says 
Papows’  resignation  means  Lotus  “has 
lost  its  identity,  and  IBM  is  pulling 
together  [the  different  components 
of]  its  software  division.”  Lotus’  iden¬ 
tity  was  that  of  an  innovative  soft¬ 
ware  company  marked  by  intelligent, 
quirky  employees.  But  the  ex-employ- 
ee,  who  asked  not  to  be  identified, 
concedes  that  the  resignation  will 
give  Lotus  a  better  opportunity  to 
focus  and  will  make  it  a  more  tena¬ 
cious  competitor. 


“There  has  been  a  level  of  frustra¬ 
tion  in  the  developer  community 
because  Papows  has  been  a  lame 
duck,”  says  David  Shimberg,  executive 
vice  president  of  IT  Factory,  one  of 
Lotus’  top  business  partners.  “The 
organization  was  at  a  standstill,  and 
this  takes  away  a  distraction.” 

Lotus  was  nowhere  near  a  stand¬ 
still  for  most  of  Papows’  term  at  the 
helm.  In  1996,  he  took  over  a  compa¬ 
ny  that  was  suffering.  IBM  was  facing 
harsh  criticism  for 
acquiring  Lotus, 
which  critics  said 
would  be  made  obso¬ 
lete  by  the  Web.  But 
Papows  helped  turn 
Lotus  around,  driving 
the  installed  base  of 
Notes/Domino  to  a 
purported  50  million 
seats  and  returning 
profitability  to  the 
company. 

But  last  April,  a 
scathing  article  in  The 
Wall  Street  Journal 
rocked  Lotus  and 
Papows.  The  story 
contended  that 

Papows  had  lied  about 
and  exaggerated  his 
personal  history,  military  experience 
and  educational  records.  And  less  than 
a  month  later,  Papows  was  named  in  a 
sexual  discrimination  complaint 
brought  by  a  former  Lotus  employee. 

Not  a  stuffed  shirt 

Taking  Papows’  place  will  be  the 
soft-spoken  and  introspective  Zollar, 
who  has  held  a  number  of  manage¬ 
ment  positions  at  IBM,  including  vice 
president  of  development  for  Tivoli. 

“He  has  a  very  good  reputation,” 
says  Nick  Francis,  CEO  of  Tawe 
Software  and  a  former  IBM  executive 
who  worked  with  Zollar  in  Research 
Triangle  Park,  N.C.  Francis  notes  that 
Zollar  is  not  a  stuffed  blue  shirt  from 
IBM’s  old  days.  “He’s  always  been  out 
of  the  box  and  gone  away  from  the 
traditional  approach.  He  will  fit  in 
well  at  Lotus.”  3 
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The  ins  and  outs  at  Lotus 

Jeff  Papows  resigned  as 
Lotus'  CEO  last  week  after  a 
year  under  the  gun.  He  will 
be  replaced  by  Al  Zollar, 
former  general  manager  of 
IBM's  now-defunct  Network 
Computing  Software 
Division. 


New  CEO  Al  Former  Lotus 

Zollar  CEO  Jeff 

Papows 
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Microsoft  and  Intel  shrink  the  size  of  computers 


BY  JOHN  cox 

LAS  VEGAS  —  Once  you 
got  past  the  voice-activated 
light  switches  and  the  multi¬ 
media  advances  in  Internet 
pornography,  last  week’s 
2000  Consumer  Electronics 
Show  (CES)  actually  had 
news  that  corporate  IS  man¬ 
agers  should  note. 

For  instance,  Intel  jumped 


into  the  Web  appliance  market 
by  revealing  plans  to  offer  an 
array  of  hardware  and  soft¬ 
ware  products.  These  prod¬ 
ucts,  along  with  a  range  of 
development  services,  are 
designed  to  help  telcos  and 
ISPs  create  new  Web  services 
that  will  be  accessed  by  a 
range  of  Web  appliances, 
including  handhelds. 

Officials  said  Intel  is  creat¬ 


ing  its  own  line  of  Linux- 
based  Web  appliances,  which 
carriers  will  be  able  to  buy  in 
bulk  and  resell  or  give  away 
to  users  who  subscribe  to  the 
carriers’  services.  The  first 
products  will  be  available 
around  midyear. 

Along  with  other  partners, 
Intel  will  help  the  service 
providers  develop  new  appli¬ 
cations,  and  information,  for 


IPSec, 

continued  from  page  1 

combines  Layer  2  Tunneling 
Protocol  (L2TP)  with  IPSec 
encryption  in  order  to  support 
non-IP  protocols  and  authenti¬ 
cation  mechanisms  attractive 
to  companies  conducting 
business-to-busi- 
ness  e-commerce. 

Until  fairly  recently, 
it  was  unclear 
whether  Microsoft 
would  actually  be 
able  to  squeeze  the 
VPN  features  into 
Win  2000. 

Now  that  Micro¬ 
soft  is  readying  Win 
2000  for  a  Feb.  17 
general  release, 

VPN  vendors  are 
scrambling  to  add 
support  for 

L2TP/IPSec  to  their  offerings. 

Newbridge,  for  instance, 
will  upgrade  its  TimeStep 
Permit  VPN  gateway  to  sup¬ 
port  L2TP  this  year  so  that  it 
can  work  with  Microsoft 
clients  as  well  as  TimeStep 
IPSec  clients,  says  Tim 
Hember,  a  vice  president  at 
Newbridge. 

“But  L2TP  will  be  a  burden 
on  the  customer  —  it  doesn’t 
scale  up  very  well,”  Hember 
grumbles. 

Another  VPN  competitor, 
RadGuard,  has  also  been 
forced  to  recalculate  its  strat¬ 
egy  in  the  face  of  the 
Microsoft  VPN  invasion. 

“If  you’re  using  IP,  we  don’t 
see  the  reason  to  use  L2TR”  says 
Iris  Tal,  RadGuard’s  technical 
support  manager.  “It  only  caus¬ 
es  overhead  for  network  traffic 
because  it’s  ‘double-tunneling.’ 
But  because  of  Microsoft’s 
L2TP  client  software,  I’m  sure 
we  ll  do  the  support  for  it  in 
our  product.” 

“If  Microsoft  weren’t  deliv¬ 


ering  this  in  their  operating 
system,  there  would  be  a  lot 
less  gnashing  of  teeth,”  notes 
Mark  Elliott,  a  product  line 
manager  at  Check  Point, 
which  counts  15  million  of  its 
own  VPN  clients  on  desktops. 
“But  we  have  to  support  the 
Microsoft  client  because  we 
presume  it  will  be 
the  general  enter¬ 
prise  desktop  client 
later  in  2000.” 

Ashley  Laurent,  a 
company  in  Austin, 
Texas  that  builds 
IPSec  software  code 
for  large  vendors,  in¬ 
cluding  IBM  and  for¬ 
eign  military  organi¬ 
zations,  is  working 
on  L2TP-based  IPSec 
code  under  con¬ 
tract  for  unnamed 
customers. 

The  company  is  doing  so 
somewhat  reluctantly.  “We 
won’t  recommend  L2TP  to  our 
customers,”  says  Jeff  Goodwin, 
Ashley  Laurent’s  CEO.The  com¬ 
pany’s  analysis  of  Windows 
2000 ’s  VPN  technology  shows 
that  it  is  unstable  and  adds  10% 
more  overhead  to  data  content 
during  transmissions. 

Still,  Goodwin  notes  that 
the  IPSec  efforts  of  the  IETF 
and  industry  groups  such  as 
the  International  Computer 
Security  Association  have 
not  yet  successfully  resolved 
the  technical  issues  pertain¬ 
ing  to  building  a  strong,  inter¬ 
operable  IPSec  client.  He 
hopes  the  recent  IETF  draft 
“DHCP  Configuration  of 
IPSec  in  Tunnel  Mode”  and 
the  “XAUTH”  authentication 
proposal  eventually  will 
replace  Microsoft’s  L2TP. 

But  with  VPN  vendors 
embroiled  in  interoperability 
battles  for  years  and  the  prob¬ 
lem  of  the  IPSec  client  un¬ 
resolved,  Microsoft’s  entry 


with  its  Win  2000  VPN  will  be 
a  tempting  prospect  for  the 
user  community. 

Microsoft  customers  will 
need  L2TP  with  IPSec  to 
make  use  of  various  pass¬ 
word-based  authentication 
protocols,  such  as  Pap,  Chap, 
MSChap  and  the  Extensible 
Authentication  Protocol,  says 
Rob  Cully,  Microsoft’s  lead 
product  manager  for 
Windows  networking.  He 
points  out  that  Win  2000  also 
includes  a  Radius  server  for 
handing  off  these  types  of 
authentication  requests. 

Microsoft’s  VPN  tech¬ 
nology  can  also  be  used  to 
encrypt  multicast  conference 
sessions,  such  as  those  using 
NetMeeting. 

Not  all  vendors  have  been 
opposed  to  L2TP,  Cully  says, 
pointing  out  that  3Com,  Lucent, 
Nortel  Networks,  Altiga  Net¬ 
works  and  Network  Alchemy 
are  in  the  process  of  deploying 
or  testing  L2TP/  IPSec  in  their 
products. 

However,  Cully  says  there’s 
some  truth  in  the  criticism 
that  Microsoft’s  IPSec  raises 
overhead.  And  for  that  reason, 
Microsoft  has  included  tech¬ 
nology  in  Win  2000  to  help 
companies  build  encryption 
accelerators  that  speed  up 
transaction  processing  on 
machines  running  Microsoft’s 
new  software. 

In  the  next  few  weeks, 
nCipher  will  announce  a  ver¬ 
sion  of  its  nFast  accelerator 
for  Win  2000,  company 
sources  say.  Separately,  3Com 
is  shipping  a  card  dubbed 
Typhoon,  and  Intel  is  work¬ 
ing  on  a  coprocessor  that 
supports  Win  2000  and  that 
will  ship  later  this  year.  \jk 
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Newbridge's  Hember 
says,  "L2TP  will 
be  a  burden  on  the 
customer." 


these  appliances.  Finally,  Intel 
is  building  management  soft¬ 
ware  that  will  let  the  carriers 
remotely  support  and  manage 
the  new  services. 

Despite  the  seeming  con¬ 
sumer  focus  of  the  announce¬ 
ment,  the  carriers  are  likely 
to  see  the  biggest  —  and 
most  profitable  —  demand 
for  such  wireless  services 
from  businesses. 

Microsoft  flexes 

Not  to  be  outdone  by  its 
sometimes  partner,  Microsoft 
made  a  splash  at  CES,  with  a 
keynote  address  by  CEO  Bill 
Gates  and  new  announce¬ 
ments  in  the  appliance  mar¬ 
ket,  including  some  further 
tinkering  with  the  Windows 
CE  operating  system,  and  an 
expansion  of  wireless  Web 
access  services. 

During  his  speech,  Gates 
demonstrated  a  new  class 
of  device,  based  on  yet  anoth¬ 
er  version  of  Windows  CE, 
called  the  Pocket  PC.  Micro¬ 
soft  seems  to  have  stripped 
yet  more  from  Windows  CE  to 
make  the  Pocket  PC  platform, 


formerly  called  Rapier,  sim¬ 
pler  to  use  and  easier  to 
write  for. 

The  new  devices,  to  be  built 
by  Compaq,  Casio,  Hewlett- 
Packard  and  other  vendors, 
will  include  Microsoft  Reader, 
a  program  that  greatly  sharp¬ 
ens  the  appearance  of  text  on 
an  LCD  screen. 

Microsoft  also  said  it  will 
offer  its  MSN  Mobile  Service 
through  carriers  and  service 
providers.  These  third  parties 
can  now  package  MSN 
Mobile,  which  gives  sub¬ 
scribers  wireless  access  to 
the  Microsoft  Network 
(MSN). 

In  addition,  Microsoft 
unveiled  MSN  Mobile  Service 
2.0,  which  now  will  run  on 
Web-enabled  cellular  phones. 
MSN  Mobile  2.0  will  be  inte¬ 
grated  with  MSN  Hotmail, 
Microsoft’s  Web-based  e-mail 
service,  and  with  other 
Microsoft  offerings,  such  as 
MSN  Money  Central  and 
Expedia.com. 

Additional  reporting  by 
IDG  News  Service 
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Network  World  Fusion  now  has  more  news  than  ever. 
Check  out  these  stories  online: 


Excite  offers  free  Net  access 
Want  a  free  Internet  service, 
but  don’t  trust  some  of  the 
smaller,  newer  players  offering 
these  ad-based  services?  Well 
maybe  ExciteAtHome  will 
change  your  mind. The  well- 
known  company  last  week 
teamed  with  lstup.com  to 
provide  free  Internet  access. 

A  lot  of  folks  claim  that  such 
services  are  only  for  consumers  —  that  business  types  would 
laugh  companies  like  Excite  out  of  the  room.  But  didn’t  critics 
say  the  same  thing  about  sub-$  1 ,000  PCs  and  PalmPilots? 
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Get  your  news  here! 

NetFlash  delivers  network 
news  to  your  e-mail  inbox, 
every  day,  free  of  charge. 
And  it  includes  occasional 
flashes  of  wit.  Sign  up  today, 
sit  back  and  let  the  news 
come  to  you. 

DocFinder:  3850 
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Sun  says  fixes  in  place  to  stop  attacks  on  Solaris  servers 

Sun  has  had  a  lot  of  fun  making  jokes  about  Microsoft  security 
problems.  Well  lately,  some  Sun  servers  have  been  overwhelmed 
by  clever  denial-of-service  attacks.  Sun  says  it  learned  of  the 
problems  months  ago,  and  patches  were  written  and  posted 
long  ago.  DocFinder:  6342 

Microsoft's  Taiwan  Web  site  hacked 

Guess  who  forgot  to  use  its  own  patch? 

Microsoft.  How  do  we  know?  Because 
hackers  had  their  way  with  Microsoft’s  Web  site  in  Taiwan.  By 
failing  to  patch  its  Web  Server,  Microsoft  left  itself  open  not  just 
to  the  hackers,  but  also  to  the  embarrassment  of  ignoring  its 
own  advice.  DocFinder:  6343 
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"...SPECTRUM  Enterprise  Manager  has  the  edge  in  customer  satisfaction." 

—NetworkWorld,  September  1999 


Thank  you  for  making 


In  NetworkWorld's  recent  survey  on  network 
management,  customers  rated  SPECTRUM  the 
number-one  management  solution  over  Hewlett 
Packard,  Tivoli  and  Computer  Associates  in  four 
major  decision-making  categories: 

•  Scalability 

•  Integration 

•  Management  Capabilities 

•  Overall  Value 


In  fact,  network  managers  gave  SPECTRUM  an 
"A"  grade  of  90,  putting  us  at  the  head  of  the 
class!  SPECTRUM  also  scored  significantly  higher 
than  Hewlett  Packard,  Tivoli  and  Computer 
Associates  in: 


•  Configuration  Management 

•  Problem  Management 

•  Network  Optimization 

•  Systems  Optimization 
Automated  Diagnosis 
Alert  Correlation 


To  receive  your  free  copy  of  the  NetworkWorld  survey  on  network  management,  give  us 
a  call  toll  free  at  1-877-437-0291.  You  can  also  download  the  survey  off  the  web  at 
www.spectrummgmt.com 


Headquarters:  121  Technology  Drive,  Durham,  NH  03824  •  P:  (603)  337-7000  •  F:  (603)  337-5734  •  Internet:  www.spectrummgmt.com 
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VoIP, 

continued  from  page  1 

installing  voice-over-IP  gate¬ 
ways  by  the  end  of  2001  (see 
graphic). 

Because  these  new,  unified 
carrier  networks  will  simply 
be  switching  packets,  inte¬ 
grating  voice  and  data  traffic 
will  be  easier  than  it  is 
with  separate  voice  and  data 
networks. 

That  will  result  in  services 
such  as  unified  messaging,  in 
which  voice,  fax  and  e-mail 
are  all  combined. 

These  new  networks  will 
also  be  less  expensive  to 
install  and  easier  for  carriers 
to  manage  than  traditional 
voice  networks. 

So  when  the  likes  of  AT&T 
and  BellSouth  start  rolling  out 
voice-over-IP  service  bundles, 
business  users  should  expect 
cost  savings,  says  Lisa  Pierce, 
director  of  telecommunica¬ 


tions  services  at  Giga 
Information  Group,  a  Cam¬ 
bridge,  Mass.,  consulting  firm. 

“But  because  big  business¬ 
es  get  such  great  rates  now,  it 
is  going  to  be  hard  for  the 
carriers  to  compete  on  price. 
The  carriers  will  be  adding  a 
lot  of  bells  and  whistles  to 
their  offerings  to  attract  cus¬ 
tomers,”  she  says. 

Despite  the  promise  of 
voice-over-IP  services,  one 


user  who  has  deployed  a  pri¬ 
vate  voice-over-IP  network 
questions  whether  carriers 
will  be  able  to  quickly  be¬ 
come  experts  in  voice-over-IP 
technology. 

“I’m  not  sure  carriers  can 
do  a  much  better  job  sup¬ 
porting  IP  telephony  than  I 
can,”  says  Rod  White,  vice 
president  of  telecommunica¬ 
tions  for  Home  Shopping 
Network  in  St.  Petersburg, 
Fla.  “And  I  don’t  want  them  to 
become  experts  by  trying 
things  out  on  me.” 

Small  deployment 

It  seems  many  other  users 
feel  that  way,  too.  A  recent 
study  by  Faulkner  Infor¬ 
mation  Services  indicates 
that  only  7%  of  enterprise 
customers  have  deployed  any 
voice  over  IP,  and  those  who 
have  have  installed  it  in  only 
small  pilot  projects  in  least- 
critical  environments  (NW, 


Oct.  29,  1999,  page  55). 

Nevertheless,  most  local 
and  long-distance  service 
providers  have  some  kind  of 
voice-over-IP  blueprint,  even 
though  some  of  those  ser¬ 
vices  may  not  be  pure  IP. 

Most  traditional  carriers 
considering  voice-over-IP  ser¬ 
vices  are  actually  running  IP 
traffic  over  ATM  networks 
because  ATM  provides  quality- 
of-service  (QoS)  guarantees 


necessary  for  voice  quality. 

MCI  WorldCom  is  the 
exception.  It  is  in  the  process 
of  putting  together  an  IP  net¬ 
work  that  will  support  com¬ 
bined  voice  and  data  ser¬ 
vices,  says  Frank  Nigro,  direc¬ 
tor  of  converged  services  at 
MCI  WorldCom. 

MCI  WorldCom  is  in  the 
midst  of  an  employee-only 
service  trial  that  the  company 
will  soon  expand  to  include 
enterprise  business  users. 

Nigro  says  MCI  WorldCom 
is  in  the  process  of  building  a 
100%  pure  IP  backbone  that 
will  take  advantage  of  exist¬ 
ing  facilities,  but  will  include 
new  electronics  and  soft¬ 
ware. 

“This  is  not  a  science  pro¬ 
ject  anymore,”  Nigro  says. 
“We’re  constructing  a  carrier- 
grade  IP  network  to  support 
large  business  users’  on-net 
and  off-net  voice  and  data 
traffic.” 

While  MCI  WorldCom  is 
looking  at  supporting  voice- 
over-IP  services  over  a  pure 
IP  network,  AT&T  is  looking 
at  offering  the  technology 
over  its  Internet  backbone. 

AT&T  expects  to  offer  a 
voice  service  over  its  Internet 
backbone  before  year-end. 
With  the  service,  customers 
will  be  able  to  send  intra¬ 
company  voice,  fax  and  off- 
net  voice  traffic  over  AT&T’s 
ATM  Internet  backbone,  says 
Cliff  Radziewicz,  general 
manager  of  global  IP  telepho¬ 
ny  services  at  AT&T. 

In  September,  AT&T  started 
a  service  trial  that  provides 
multinational  enterprise 
users  with  voice  services 
over  AT&T’s  Internet  back¬ 
bone.  But  the  trial  is  limited 
in  scope  —  it  has  only  two 
customers  on  the  network. 
One  customer  is  making 
voice  calls  from  the  U.S.  to 
the  U.K.,  and  the  other  cus¬ 
tomer  is  making  calls  from 
the  U.S.  to  Asia  over  the 
Internet. 

“The  trial  is  going  well,  and 
we  expect  to  increase  the  call 
volumes  soon,”  Radziewicz 
says. 

AT&T  and  MCI  WorldCom 
are  clearly  gung-ho  about 
voice  over  IP,  but  Sprint  has 
a  different  take  on  the 
technology. 

Sprint  will  not  be  rolling 
out  any  managed  or  integrat¬ 
ed  voice-over-IP  services,  but 
rather  will  point  customers 
looking  for  an  alternative  to 
traditional  circuit-switched 


voice  services  to  its 
Integrated  On-Demand  (ION) 
service. 

ION  lets  business  users 
send  voice  and  data  traffic 
over  the  same  ATM-based 
connection.  AT&T  has  a  simi¬ 
lar  service  called  INC.  Both 
services  rely  on  ATM  rather 
than  IP  for  service  delivery. 


Bell  Atlantic,  which  is  try¬ 
ing  to  become  a  long-distance 
power  player,  does  plan  to 
support  voice-over-IP  ser¬ 
vices  in  the  future. 

While  Bell  Atlantic  will 
continue  to  use  its  existing 
access  network  to  deliver 
phone  calls  to  customers,  it 
will  convert  circuit-switched 
voice  traffic  to  ATM  for  long- 
haul  connections. 

The  company  says  it  plans 
to  start  IP-voice  service  trials 
later  this  year,  but  would  not 
give  specific  details. 

LEC  plans 

Local  exchange  carriers 
SBC  and  BellSouth  are  follow¬ 
ing  a  similar  path  —  the  one 
taken  by  AT&T  and  MCI 
WorldCom. 

SBC  has  made  a  commit¬ 
ment  to  provide  packetized 
voice  to  customers  through 
its  $6  billion  network 
upgrade  program  known  as 
Project  Pronto.  The  program 
calls  for  wiring  customer 
sites  with  digital  subscriber 
line  (DSL)  and  running  multi¬ 
ple  packet-based  phone  links 
plus  data  over  a  single  con¬ 
nection. 

SBC  is  relying  on  ATM  for 
its  new  backbone,  which  will 
handle  voice  and  data. 

ATM  will  eventually  run  to 
customer  sites  over  the  DSL 
lines,  and  IP  voice  channels 
will  travel  over  that  ATM 
stream,  says  Fred  Chang,  vice 
president  of  SBC  Advanced 
Solutions.  SBC’s  voice-over- 
DSL  services  will  start  to 
emerge  later  this  year  with 
trials  in  Los  Angeles  and 
Houston. 

Similarly,  BellSouth  is  ex¬ 
ploring  packet  voice  as  a  way 
to  sell  additional  phone  ser¬ 
vices  over  DSL  connections. 


Such  services  are  expected 
in  nine  to  12  months,  accord¬ 
ing  to  Mick  Stefanik,  research 
director  for  advanced  data 
networking  technologies  at 
BellSouth. 

What's  in  store? 

IDC  expects  that  business 
users  will  start  adopting  inte¬ 


grated  IP  voice  and  data  ser¬ 
vices  when  the  voice-over-IP 
part  of  the  offerings  becomes 
invisible  and  painless,  says 
Mark  Winther,  vice  president 
of  worldwide  telecommuni¬ 
cations  at  IDC. 

While  most  of  the  trad¬ 
itional  telecommunications 
companies  are  embracing  IP 
as  the  wave  of  the  near 
future,  this  by  no  means  fore¬ 
casts  the  death  of  the  public 
switched  telephone  network 
(PSTN)  as  we  know  it  today. 

“The  PSTN  will  be  around 
for  at  least  a  decade  and  may¬ 
be  more,”  MCI  WorldCom’s 
Nigro  says. 

MCI  WorldCom  will  contin¬ 
ue  to  make  investments  in 
circuit-switched  voice  to  en¬ 
sure  QoS  standards,  but  the 
majority  of  its  capital  invest¬ 
ments  will  go  into  next-gen¬ 
eration  networks,  Nigro  says. 

And  most  of  the  industry  is 
following  suit.  3 


Clarifications 

Our  recent  feature 
"Secrets  of  the  tariff  game" 
(Dec.  13,  1999,  page  58) 
omitted  contact  information 
for  the  author.  Brett  Mach- 
tig  can  be  reached  at 
Machtig1@aol.com  or  (612) 
325-9999. 

A  recent  article  (Dec.  13, 
1999,  page  14)  should  have 
stated  that  Computer  Asso¬ 
ciates'  (CA)  new  InterBiz 
e-business  applications 
division  was  formed  by 
bringing  several  existing  CA 
business  units  under  one 
umbrella. 


Internet  telephony  trends 

Strong  user  interest  in  voice-over-IP  (VoIP)  technology . . . 


Companies  "very 
likely"  to  implement 
VoIP  technology: 


Based  on  survey  of  500  companies. 


. . .  has  prompted  industry  analysts  to  predict  big  things  in  the 
markets  for  VoIP  usage  and  equipment. 
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SOURCES:  PHILLIPS  GROUP  INF0TECH.  PARSIPPANY,  N.J.;  IDC.  FRAMINGHAM.  MASS 
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Combined  voice  and 
data  switch  revenue 
projections 

(in  billions  of 

dollars) 
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13% 


60% 
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2002 


■  "I'm  not  sure  carriers  can  do  a 
much  better  job  suppoting  IP 
telephony  than  I  can." 

Rod  White,  vice  president  of  telecommunications,  Home 
Shopping  Network 
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What  is  your  scope  and  involvement  in  purchasing  decisions  for  network  products  and 
services  for  your  enterprise? 


A.  Scope  (check  ONE  only) 

CORPORATE: 

1. D  Entire  Enterprise/Multiple  Enterprises 

2. D  Division/Multiple  Divisions _ 

3. D  Department 
4.0  None 


B.  Involvement  (check  ALL  that  apply) 

1.  □  Create  Network/IT  Strategy 

2. D  Recommend/Specify  Brand 

3.  □  Approve  Purchase 


4.  □  Evaluate  Products/Services 

5.  □  Determine  the  Need 
6.0  None 


What  is  the  estimated  number  of  employees  at  your  location/in  entire  organization? 

(check  ONE  in  each  section) 


A.  At  your  location: 

1.  □  Over  20,000 

2.  □  10,000  -  19,999 

3.  □  5,000  -  9,999 

4.  □  2,500-4,999 

5.  □  1,000  -  2,499 


6.  □  500-999 

7.  □  250  -  499 

8.  □  100-249 

9.  □  99  or  less 


B.  Entire  organization: 

1.  □  Over  20,000 

2.  □  10,000-  19,999 

3.  □  5,000  -  9,999 

4.  □  2,500-4,999 


5.  □  1,000-2,499 

6.  □  500-999 

7.  0  499  or  less 


9. 

Please  indicate  the  Network  hardware/software/services  that  you  are  currently  involved  in 
purchasing  or  plan  to  purchase:  (checkALL  that  apply) 

A.  Currently  involved  in  purchasing  B.  Plan  to  purchase 

COMPUTERS/PERIPHERALS 

A 

B 

A  B 

A  B 

□  01.  □  Laptops/Notebooks/PDAs 

□  05.  □  Storage/Backup 

□  08.  □  Minis 

□  02.  □  PCs 

(Optical, Disk, Tape, RAID) 

□  09.  □  Mainframes 

□  03.  □  Windows  Terminals/Thin  Clients 

□  06.  □  Printers 

□  10.  □  Fax/Modem  Boards 

□  04.  □  Workstations 

□  07.  □  Printer/Fax/Copier  Hybrids 

□  11.  □  Memory/Chips/Boards/Cards 

SOETWARE/APPL1CATIONS 

(Multifunction  Printers) 

□  12.  □  Other  Computers/Peripherals 

A 

B 

A  B 

A  B 

□  13.  □  Network  Management 

□  21.  □  E-Mail 

□  28.  □  Site  Metering  Tools 

□  14.  □  Systems  Management 

□  22.  □  Enterprise  Resource  Planning 

□  29.  □  Datawarehousing 

□  15.  □  Security 

(ERP) 

□  30.  □  Anti  Virus  Software 

□  16.  □  Directory  Services 

□  23.  □  EDI 

□  31.  □  Multimedia 

□  17.  □  Operating  Systems 

□  24,  D  Desktop  Videoconferencing 

□  32.  □  Y2K  Conversion  Software 

□  18.  □  Applications  Development  Tools 

□  25.  □  Imaging 

□  33.  □  Helpdesk 

□  19.  □  Database  Management/RDBMS 

□  20.  □  Groupware 

SPRVIfFS 

□  26.  □  Middleware/Serverware 

□  27.  □  Document  Management 

□  34.  □  Other  Software/Applications 

A 

B 

A  B 

A  B 

□  35.  □  BPO  (Business  Process 

Outsourcing  incl.  Financial 
Services,  HR,  Logistics  etc.) 

□  36.  □  Applications  Outsourcing 

□  37.  □  Call  Center  Outsourcing 

□  38.  □  Systems  Integration/Consulting 

□  39.  □  Education/Training  Services 

□  40.  □  Other  Services 

A  8 

None  of  the  above  (1  -  40)  □  41.  □ 

lr]  Please  indicate  the  platforms  that  are  currently  installed/planned:  check  all  that  appiyi 

J  _/jj  A.  Currently  installed  B.  Planned  for  purchase 

NETWORK  PROTOCOLS 

A  B 

□  01.  □  TCP/IP 

□  02.  □  IPv6 

□  03.  □  SNA 

LAN/WAN  ENVIRONMENT 

A  B 

□  04.  □  Novell  IPX/SPX 

□  05.  □  APPC/APPN/LU  6.2 

□  06.  □  NETBIOS/NETBUE1 

A  B 

□  07.  □  NFS 

□  08.  □  SNMP 

□  09.  □  Other  Network  Protocols 

A  B 

□  10.  □  Gigabit  Ethernet 

□  11.  □  Switched  Ethernet 

□  12.  □  Fast  Ethernet 

□  13.  □  Ethernet 

□  14.  □  ATM 

□  15.  □  Token  Rin^Token  Ring  Switching 
NETWORK  OPERATING  SYSTEM 

A  B 

□  16.  □  IP  Switching 

□  17.  □  Layer  3,4  Switching 

□  18.  □  FDDI 

□  19.  □  100Base-T 

□  20.  □  lOBase-T 

□  21.  □  Fibre  Channel 

A  B 

□  22.  □  Wireless 

□  23.  □  DSL 

□  24.  □  ISDN 

□  25.  □  Frame  Relay 

□  26.  □  Private  Line  Tl,  T3,  FT-1,  SONET 

□  27.  □  Other  LAN/WAN  Environment 

A  B 

□  28.  □  Windows  NT/Windows  2000 

□  29.  □  Novell  (NetWare  5X) 

□  30.  □  Novell  (NetWare  4X) 

□  31.  □  Novell  (NetWare  2J(,3X) 

mMPIITPR  OPFRATINr.  SYCTPM 

A  B 

□  32.  □  LINUX 

□  33.  □  Microsoft  (LAN  Manager) 

□  34.  □  Banyan  (Vines) 

A  B 

□  35.  □  IBM  (LAN  Server) 

□  36.  □  Other  Network  Operating  System 

A  B 

□  37.  □  NT  Workstation 

□  38.  □  Windows  2000 

□  39.  □  Windows  984)5/1.1 

□  40.  □  Intel  based  UNIX 

□  41.  □  RISC  based  UNIX  (incl.  SOLARIS) 

A  B 

□  42.  □  LINUX 

□  43.  □  DOS 

□  44.  □  OS/2, OS/2  WARP 

□  45.  □  OS/400 

□  46.  □  IBM  MVS/VM/VSE7ESA 

A  B 

□  47.  □  Digital  VMS 

□  48.  □  Macintosh 

□  49.  □  Other  Computer  Operating  System 

A  B 

None  of  the  above  (1-  49)  □  50.  □ 

Which  of  the  following  hardware  platforms  are  installed/planned  in  your  company? 

|  l  LCj|  (check  ALL  that  apply) 

A  -  Mainframes 

B  -  Minis  (Midrange) 

C  -  Workstations 

(Large  Scale) 

1.  □  IBM  RS/6000 

1.  □  Sun  Microsystems 

1.  □  IBM 

2.  □  IBM  AS/400 

2.  □  H-P 

2.  □  Other 

3.  □  Digital/Tandem/Compaq 

3.  □  Digital/Compaq 

4.  □  Unisys 

4.  □  IBM 

5.  □  H-P 

5.  □  Silicon  Graphics 

6.  □  Other 

6.  □  Other 

What  is  the  estimated  gross  revenue  of  your  entire  company/institution? 

(check  ONE  only) 


1.  □  $20  Billion  or  More 

2.  □  $10  Billion  to  $199  Billion 

3.  □  $1  Billion  to  $9.9  Billion 

4.  □  $500  Million  to  $999.9  Million 


5.  □  $100  Million  to  $499.9  Million 

6.  □  $50  Million  to  $99.9  Million 

7.  □  $10  Million  to  $49.9  Million 

8.  □  $5  Million  to  $9.9  Million 


9.  □  $4.9  Million  or  less 

10.  □  None  of  the  above 


For  which  areas  outside  of  the  US  do  you  have  purchase  influence? 

(check  ALL  that  apply) 


1.  □  Europe  3.  □  South  America  5.  □  Middle  East  7. 

2.  □  Asia  4.  □  Australia  6.  □  Africa  8. 


□  Canada 

□  None 
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Allied  Telesyn  later  this  month 
will  release  an  unmanaged  10/ 
100M  bit/sec  Ethernet  switch  with 
gigabit  uplinks.  The  AT-FS909SX 
has  eight  Fast  Ethernet  ports  and 
a  lOOOBase-SX  uplink.  The  com¬ 
pany  says  the  switch  is  the  first  in 
a  series  and  costs  $923. 

Allied  Telesyn:  www.allied 
telesyn.com 

Alteon  WebSystems  last  week 
started  shipping  the  first  Gigabit 
Ethernet  adapters  for  Category-5 
copper  cabling.  At  $495,  the 
adapters  cost  half  as  much  as 
fiber-optic  versions,  the  company 
says.  TheACEnic  10/100/1000- 
Base-T  adapters  automatically 
negotiate  with  the  other  end  of 
the  connection  for  the  best  possi¬ 
ble  rate.  Drivers  support  Win¬ 
dows  NT,  NetWare,  Linux  and 
other  operating  systems. 

Alteon:  www.alteonweb 
systems.com 

Linksys  has  unveiled  a  broad¬ 
band  Ethernet  router  that  works 
over  cable  TV  and  digital  sub¬ 
scriber  line  (DSL)  networks.  The 
EtherFast  Cable/DSL  Router  lets 
users  access  the  Internet  by 
connecting  their  PCs  to  cable  or 
DSL  modems.  The  router  fea¬ 
tures  a  four  port  10/100M  bit/sec 
Ethernet  switch  and  assigns  up 
to  253  private  IP  addresses, 
Linksys  says.  The  EtherFast 
Cable/DSL  Router  costs  $199  and 
is  available  now. 

Linksys:  www.linksys.com 

Bus-Tech  is  rolling  out  a  ver¬ 
sion  of  its  EnterpriseExpress 
Adapter  for  IBM  DB2  Access. 
This  PCI  card  fits  into  an  S/390 
Enterprise  System  Connection 
(ESCON)  slot  and  lets  Windows 
NT  users  tap  into  a  DB2  main¬ 
frame  database. 

EnterpriseExpress  Adapter  is 
available  now  for  $15,000. 

Bus-Tech:  www.bustech.com 


Inf rastructur 


_  TCP/IP,  LA N/WA N  Switches,  Routers,  Hubs,  Access  Devices, 

Clients,  Servers,  Operating  Systems,  VPIMs,  Networked  Storage 

Fireworks  expected  at  NOS  showdown 


Vendors  to  clash  at  ComNet  2000: 

NOS  Showdown 

When:  Wednesday,  Jan.  26;  1-2:15  p.m. 

Where:  ComNet  2000;  Grand  Ballroom, 

Renaissance  Hotel,  Washington,  D.C. 

Moderator:  John  Gallant,  editorial  director.  Network  World 

Expert  panelists: 

•  John  Fontana,  senior  editor,  Network  World 

•  Dave  Kearns,  noted  technology  writer  and  author 

Participants: 

•  Kim  Clark,  director  of  the  Core  OS  Platform  Group,  Novell 

•  Aubrey  Edwards,  group  product  manager,  Microsoft 

•  Tom  Keith,  director  of  Unix  market  development,  IBM 

•  Tamar  Newberger,  director  of  server  product  marketing,  The  Santa  Cruz  Operation 

•  Erik  Troan,  director  of  engineering,  Red  Hat  Software 


John  Fontana  Dave  Kearns 


BY  JOHN  FONTANA 

The  one  thing  guaranteed  as  the 
new  year  begins  is  that  by  the 
time  the  year  ends,  network 
operating  system  developments  will  be 
one  of  2000’s  top  stories. 

Volumes  will  be  written  about  the 
operating  system,  given  that  Microsoft’s 
Windows  2000  will  finally  be  available, 
and  Linux  is  starting  to  gain  credibility  in 
the  enterprise. 

And  don’t  discount  Novell,  which  is 
remaking  NetWare  to  complement  the 
Web,  and  Unix,  which  continues  to  run 
along  at  its  reliable  pace. 

So  what  better  way  to  start  the  year 
than  to  get  the  vendors  to  sit  down  and 
extol  the  virtues  of  their  wares  and 
defend  the  weaknesses  in  their  products? 

And  what  better  forum  for  that  discus¬ 
sion  than  Network  World’s  Network 
Operating  System  Showdown?  IBM, 
Microsoft,  Novell,  The  Santa  Cruz 
Operation  (SCO)  and  Red  Hat  Software 
will  convene  at  ComNet  2000  on 
Wednesday,  Jan.  26  in  Washington,  D.C., 
to  face  questions  from  a  panel  of  experts, 
each  other  and  audience  members. 

With  e-commerce  spreading  operat¬ 
ing  system  responsibilities  beyond  the 
firewall,  there  will  be  plenty  of  debate 
about  which  company  has  the  right  stuff 
to  scale  to  the  number  of  users  the  Web 
will  bring. 

This  year,  IT  executives  are  likely  to 
evaluate  their  operating  systems  in  an 
effort  to  harden  their  infrastructures  to 
handle  those  external  users  as  well  as 
traditional  internal  chores.  For  many,  the 
question  will  not  be  which  is  the  best 
operating  system,  but  how  to  make  them 
all  work  together  —  whether  they  are 
handling  file  and  print  services,  control¬ 
ling  the  network,  hosting  applications  or 
supporting  Web  commerce. 


www. nwfusion.com 


BURNING 

QUESTIONS? 

Want  to  know  more  about  the  major 
operating  systems?  Add  your  question  to 
our  forum,  and  we'll  put  it  on  the  list  for 
the  NOS  Showdown  at  ComNet  2000. 


At  the  showdown,  these  topics  are 
likely  to  generate  more  friction  than  the 
Democrats  and  the  Republicans  can 
muster  in  an  entire  legislative  session. 

That’s  because  IT  executives  will 
come  armed  with  questions  about  inter¬ 
operability,  security,  scalability,  special¬ 
ized  deployments,  standard  and  API  sup¬ 
port,  and  total  cost  of  ownership. 

For  example,  Julia  Goldberg,  executive 
vice  president  of  corporate  technology 
services  for  Razorfish.com,  wants  to 
know  the  level  of  commitment  each  ven¬ 
dor  has  to  open  standards.  Goldberg’s 
network  includes  Windows  NT,  NetWare 


BY  DENI  CONNOR 

PROVO,  UTAH  —  NetWare  users  will 
soon  be  able  to  merge  two  dissimilar 
network  directories  with  a  new  utility 
from  Novell. 

The  company  is  previewing  TREEINT,  a 
directory  integration  utility,  in  the  January 
release  of  its  Novell  Developer  Kit. 

TREEINT  integrates  directories  with 
different  schemas  at  any  location  in  the 
directory  tree,  thus  expanding  the 
opportunity  for  directory  integration.  At 
present,  Novell  distributes  DSMERGE,  a 
utility  that  lets  network  professionals 
merge  directories  that  have  identical 
structures  or  schemas  only  at  the  root  of 
the  directory. 

TREEINT  analyzes  directory  trees, 
compares  their  schemas  and  attempts  to 


and  Unix,  and  she  wants  those  systems  to 
play  together  nicely.  She  is  especially 
concerned  about  Microsoft’s  implemen¬ 
tation  of  the  Kerberos  authentication 
standard  in  Win  2000,  which  includes 
some  proprietary  extensions  that  erode 
its  level  of  interoperability. 

Craig  Zimmer,  network  systems  engi¬ 
neer  at  the  University  of  North  Carolina 
at  Chapel  Hill,  wants  to  know  what  ven¬ 
dors  are  doing  to  promote  application 
development.  He  is  especially  interested 
in  Novell’s  efforts.  “What  are  they  doing 
to  bring  developers  on  board  to  write  to 
their  platform?”  Zimmer  asks.  □ 


reconcile  any  differences.  It  then  backs 
up  the  data  in  the  new  tree,  installs  the 
new  directory  into  the  existing  tree  and 
restores  the  data. 

“TREEINT  would  be  particularly  use¬ 
ful  for  companies  that  want  to  reparti¬ 
tion  their  directories  or  for  companies 
that  have  purchased  other  companies 
and  need  to  combine  directories  with 
different  schemas,”  says  Ed  Partridge,  IS 
manager  for  medical  component  manu¬ 
facturer  Zevex  in  Salt  Lake  City7. 

Novell  declined  to  comment  on 
whether  the  utility'  will  ship  with  future 
releases  of  NetWare.  TREEINT  runs  as  a 
NetWare  Loadable  Module  on  NetWare  4 
and  5  networks. 

It  is  available  for  download  free  from 
developer.novell.com/ndk/ 

Novell:  www.novell.com 


Novell  utility  eases  directory  integration 
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POWERFUL.  FLEXIBLE.  RELIABLE 


This  is  robust  data  delivery  to  the  99.999th  power! 

' 
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We  offer  the  toughest  network  availability  guarantee  in 

Here's  the  proof: 
Intermedia  Communications'  frame  relay  network 
guarantees  99.95%  reliability  end-to-end. 

Unlike  other  carriers,  our  guarantee  also  includes  the 
local  loop.  In  fact,  our  actual  uptime  is 
an  amazing  99.999%! 
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Infrastructure 


With  Windows  2000,  NT  grows  up 


It 's  more  stable,  performs  better  and  is  easier  to  manage,  but  not  all  desktops  are  welcome  at  this  party. 


BY  THOMAS 
HENDERSON 

The  long-awaited  suc¬ 
cessor  to  Windows 
NT  is  finally  seeing 
the  light  of  day.  We  tested  the 
final  code  Microsoft  shipped  to 
manufacturing  late  last  month. 
Most  of  the  bells  and  whistles 
work  as  advertised,  but  plan¬ 
ning  for,  testing  and  deploying 
Windows  2000  is  going  to  be  a 
slow  and  daunting  process. 

We  looked  at  Windows  2000 


Windows  2000  Server 

Microsoft 

(425)  882-8080 

www.microsoft.com/ 

windows2000/default.asp 

$3,999  for  Advanced  Server 
edition  and  25  Client  Access 
Licenses.  $1,995  for  Server 
edition  and  10  client  access 
licenses. 

Pros 

▲  Good  group  policy 
control. 

▲  Comprehensive  security 
in  Windows  2000-only 
environments. 

▲  Strong,  standards-based 
directory  infrastructure. 

▲  Better  performance  than 
Windows  NT. 


Cons 

▼  Requires  serious 
planning  to  reap  benefits. 

▼  Only  Windows  2000 
clients  get  full  features 
of  Active  Directory. 

▼  Requires  a  Client  Access 
License  for  each 
authenticated  client. 


Server  and  Advanced  Server 
editions.  Enterprise  installa¬ 
tions  won’t  reap  the  full  bene¬ 
fits  from  server  upgrades 
unless  they  also  put  Win  2000 
on  all  their  desktop  machines. 
Most  of  the  useful  features  of 
Windows  2000  Server  — 
IntelliMirror,  group  policy'  man¬ 
agement  and  Kerberos  security 
—  are  confined  to  networks 
that  are  homogeneously  Win 
2000. 

Active  Directory  is  central 


to  security,  resource 
access,  IntelliMirror 
features,  administra¬ 
tive  control  and 
the  availability 
of  network  re¬ 
sources.  You  can 
correct  mistakes 
and  manipulate  Active 
Directory  information  easily 
using  Active  Directory 
Microsoft  Management  Con¬ 
sole  (MMC)  snap-ins,  but 
you’re  better  off  getting  it 
right  the  first  time. 

Each  Win  2000  server  can 
play  one  of  three  roles  in  the 
Active  Directory  infrastructure: 
stand-alone  server,  member 
server  or  domain  controller. 

Servers  can  run  in  a  mixed 
NT  and  Win  2000  mode  or  in 
native  Win  2000  mode,  which 
precludes  relationships  with 
NT  domains  except  through 
directory  brokerage  services. 
Running  Win  2000  in  “native” 
mode  removes  many  of  the 
widely  publicized  NT/LAN 
Manager  security  problems  and 
will  make  access  to  resources 
quicker  and  easier  for  end 
users  and  administrators. 

Because  the  directory  ser¬ 
vice  is  based  upon  an  exten¬ 
sion  to  the  Internet  Domain 
Name  System,  DNS  must  be 
present  and  working  on  the 
network  where  a  domain  con¬ 
troller  for  Active  Directory  is 
deployed.  If  you  don’t  have  a 
DNS  infrastructure  in  place, 
you  can  install  the  service  that 
is  bundled  with  Windows  2000 
Server  editions.  We  suggest 
examining  the  settings  Micro¬ 
soft  chooses  for  the  domain 
name  server  because  several 
times  we  found  the  settings 
weren’t  correct  for  intranet 
deployments. 

A  Microsoft  utility  called 
Lightweight  Directory  Inter- 
Face  can  import  Lightweight 
Directory  Access  Protocol 
information  from  any  LDAP- 
enabled  directory  into  Active 
Directory.  There  are  many 
Active  Directory  fields  to  popu¬ 
late.  With  any  luck,  you  will 
already  have  that  information 
sitting  in  a  database  some¬ 
where  on  your  network.  How¬ 
ever,  even  importing  existing 
data  can  raise  issues  because 
the  directory'  fields  available 
with  NT  4.0  fill  only  a  fraction 


of  Active  Directory’s 
fields. 

MMC  is  the  adminis¬ 
trative  nexus  for  the 
directory.  It’s  consid¬ 
erably  easier  to  use 
than  the  cadre  of 
tools  required  to 
manage  NT  domains. 

Mirror,  mirror 

Once  you  have  Active 
Directory  in  place,  you  can 
begin  to  deploy  IntelliMirror,  a 
group  of  server  and  client-side 
features  that  help  manage  desk¬ 
top  configurations. 

With  IntelliMirror’s  client- 
side  file/folder  caching  service 
for  mobile  users,  you  can  make 
server  folders  available  offline 
by  caching  them  on  the  desk¬ 
top  machine.  You  can  set 
IntelliMirror  to  synchronize  the 
cache  on  a  user’s  desktop  at 
logon,  logoff  or  during  idle  time 
on  the  host  PC. 

We  tested  this  feature  exten¬ 
sively  and  found  that  while  it 
offers  enormous  convenience, 
it’s  not  a  substitute  for  work¬ 
group/activity  management 
environments  such  as  Lotus 
Notes  or  Microsoft  Exchange. 
IntelliMirror  is  hampered  by 
several  practical  limitations, 
including  the  datalink  speed  of 
a  mobile  connection.  We  found 
that  synchronization  at  logon 
or  logoff  tested  our  patience. 

IntelliMirror  also  supports 
roaming  user  profiles,  allowing 
Win  2000  desktop  settings  to 
be  cached  on  a  server.  That 
means  you  can  log  on  to  a  dif¬ 
ferent  machine  and  still  see 
your  own  desktop  icons. 

The  drawback  of  this 
scheme  is  that  applications  are 
not  available  unless  they’ve 
been  packaged  and  published 
by  a  network  administrator. 

The  portable  desktop 
worked  fairly  well  in  our  envi¬ 
ronment.  It  took  Word  and 
Excel  2000  12  minutes  to 
download  onto  an  otherwise 
empty  Win  2000  PC  over  a  Fast 
Ethernet  intranet. 

Security 

An  important  consideration 
for  any  network  operating  sys¬ 
tem  is  security. 

The  Kerberos  system  in  Win 
2000  generates  Ticket  Granting 
Tickets  when  a  user  logs  on  to 


ScoreCard 


Windows  2000  Server 
Administration  30%  9 


Performance  20% 

8 

Features  20% 

9 

Security  10% 

8 

Installation  10% 

9 

Documentation 
and  support  10% 

7 

Total  score 

8.50 

Individual  category  scores  are  based 
on  a  scale  of  1  to  10.  Percentages  are 
the  weight  given  each  category  in 
determining  the  total  score. 

Active  Directory.The  tickets  are 
used  as  shortcuts  to  authenti¬ 
cate  users  to  other  domain  con¬ 
trollers  without  forcing  them 
to  log  on  again. 

Win  2000  supports  a  file¬ 
signing  service  called  Authen- 
ticode,  which  verifies  that  a  file 
hasn’t  been  tampered  with.  If 
your  users  are  running  Internet 
Explorer,  you  can  screen  soft¬ 
ware  downloads  through  the 
Active  Directory  group  policy 
mechanism. 

A  new  Encrypting  File 
System  lets  users  encrypt  their 
files  and  folders.The  process  of 
decrypting  files  is  transparent 
to  the  user.  Fortunately,  the 
administrator  gets  a  data  recov¬ 
ery  certificate  so  files  can  be 
decrypted  upon  the  untimely 
exit  of  a  user.  We  found  that 
Encrypting  File  System  worked 
easily  but  would  prefer  that  the 
service  was  not  available  by 
default. 

With  Win  2000,  you  can  also 
delegate  administration  tasks 
based  on  Active  Directory 
groups.  It’s  possible  to  create 
administrative  authorities  for 
specific  individuals  by  making 
them  part  of  groups  within  the 
directory. 

Performance  and  availability 

Microsoft  has  made  several 
improvements  in  performance 
and  availability. 

We  tested  file  I/O  using 
Windows  2000  Professional 
edition  clients  against  differing 
servers  with  bulk  folder  and 
file  copying.  We  found  perfor¬ 
mance  of  both  Windows  2000 


Server  editions  to  be  compara¬ 
ble  for  gigabyte  file  transfers 
and  approximately  18%  faster 
than  the  exact  same  platform 
using  NT  4.0  with  Service  Pack 
5  applied. 

Win  2000  lets  you  cluster 
two  nodes  in  the  Advanced 
Server  edition  for  high  availabil¬ 
ity.  We  found  connecting  two 
Compaq  3000R  servers  togeth¬ 
er  into  a  cluster  was  surprising¬ 
ly  simple.  Unfortunately,  few 
applications  can  take  advantage 
of  Microsoft’s  clustering. 

We  ran  Microsoft  SQL  Server 
7  with  Service  Pack  1  on  our 
cluster.  When  we  simulated  a 
server  failure,  the  surviving 
member  of  a  cluster  took  just  30 
seconds  to  pick  up  the  duties  of 
the  failed  server.  That  is  a  20% 
reduction  in  failover  time  over  a 
similar  test  conducted  on  a  pair 
of  NT  4.0  servers. 

Microsoft  has  simplified  the 
installation  process.  We  tested 
Windows  2000  Server  and 
Advanced  Server  on  several 
platforms.  This  simplifi¬ 
cation  is  due  mainly  to  new 
plug-and-play  support  that 
enables  hardware  discovery 
and  integration. 

Microsoft  has  finally  deliv¬ 
ered  on  a  long  list  of  features 
that  it  began  building  more 
than  five  years  ago.  Making 
appropriate  choices  on  how 
you  will  use  Win  2000  in  your 
enterprise  network  is  going  to 
take  some  time.  And  although 
it’s  possible  to  drop  a  Win  2000 
server  into  an  existing  net¬ 
work,  we  don’t  recommend 
doing  so  until  you’ve  jumped 
through  every  planning  hoop 
possible. 

Henderson  is  principal 
researcher  at  ExtremeLabs  in 
Indianapolis.  He  can  be 
reached  at  thenderson @ 
CompuServe,  com. 
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HELP 

DESK 

WINDOWS  2000 

Learn  how  Windows  2000 
servers  can  harmonize  but  can't 
keep  time. 


Need  tools  to  help  you  get  to 
Active  Directory?  Here  they  are. 
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Infrastructure 
Kevin  Tolly 

What’s  your 

BANDWIDTH 

BUDGET? 

With  Y2K  worries  over,  you  can 
finally  turn  up  the  heat  on 
long-neglected  projects.  If  industry  ana¬ 
lysts  are  correct,  renting  applications 
from  application  service  providers 
(ASP)  will  be  a  focus  of  activity.  But  as 
you  draw  up  your  plan  and  rough  out 
your  budget,  don’t  forget 
about  including  WAN 
bandwidth. 

It’s  tough  to  find 
information  about  how 
much  bandwidth  one 
should  allot  each  user 
when  implementing 
thin-client  networking  to  deliver  rented 
applications.  In  fact,  neither  thin-client 
giant  Citrix  nor  its  major  licensee, 
Microsoft,  spend  much  time  addressing 
the  issue.  Scouring  through  various 
technical  and  marketing  offerings 
reveals  that  the  vendors  believe  20K 
bit/sec  per  user  is  a  good  rule  of  thumb. 

So  let’s  consider  our  options  for 
deploying  applications  to  a  contingent 
of  50  simultaneous  users.  Accepting 
20K  bit/sec  as  valid  would  allow  a  sin¬ 
gle  T-l  to  support  some  75  users  (20K 
bit/sec  x  75  =  1.5M  bit/sec).  Supporting 
our  hypothetical  group  of  50  would 
require  only  1M  bit/sec  of  capacity. 

But  what  would  happen  if  the  20K 
bit/sec  rule  of  thumb  were  wrong?  The 
Tolly  Group  conducts  ongoing  research 
in  the  area  of  thin-client  networking 
and,  according  to  our  research,  that 
number  is  rarely  accurate. 

In  fact,  our  studies  of  Microsoft  Office 
applications  accessed  via  thin  clients 
across  a  T-l  showed  moderately  paced 
typing  with  several  applications  open 
triggering  streams  that,  for  example, 
averaged  97K  bit/sec  with  peaks  of 
122K  bit/sec.  With  this  average,  the  T-l 
link  would  fill  up  with  just  15  simulta¬ 
neous  users.  Allowing  for  the  peak 
would  knock  that  number  down  to  12 
users. 

Imagine  now  that  the  T-l  you 
thought  was  overkill  for  50  users  could, 
in  reality,  only  support  a  dozen 
Microsoft  Office  users.  What  does  that 
added  WAN  expense  do  for  the  bottom- 
line  benefits  you  thought  server-based 
computing  would  deliver? 

Where  did  the  20K  bit/sec  number 
come  from?  That  is  a  question  I  cannot 
answer.  Is  it  possible  for  applications  to 
run  within  the  20K  bit/sec  window?  For 
average  consumption,  the  answer  is  yes. 
Some  client  scenarios  we  ran  clocked  in 
at  9K  and  18K  bit/sec.  Still,  these  appli¬ 
cations  were  troublesome  because  their 


runs  showed  peaks  of  90K  and  122K 
bit/sec,  respectively. 

If  you  are  a  bit  bewildered  by  this  sit¬ 
uation,  take  a  moment  to  consider  the 
heritage  of  thin-client  computing.  Some 
10  years  ago,  Citrix  developed  its 
Independent  Computing  Architecture 
GCA)  protocol  to  off-load  processing  — 


not  bandwidth  —  from  low-end 
machines.  Early  on,  Citrix  allowed 
Windows  3-1  applications  to  run  on 
DOS  machines. 

Today,  the  ICA  protocol  enjoys  a  well- 
deserved  renaissance  courtesy  of  the 
ASP  movement.  With  that  in  mind,  how¬ 
ever,  one  thing  is  clear  —  no  plan  is  com¬ 


plete  until  the  WAN  bandwidth  budget 
for  rented  applications  is  figured  in. 

Tolly  is  presiden  t  of  The  Tolly  Group, 
a  strategic  consulting  and  indepen¬ 
dent  testing  firm  in  Manasquan,  N.J. 
He  can  be  reached  at  (732)  528-3300, 
ktolly@tolly.com  or  www.tolly.com 
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“Just  who  the 
heck  is 
this  upstart 
that  keeps 
winning 
major  VPN 
accounts?” 


Uh,  that  would  be  us,  Compatible  Systems. 


Our  IntraPort™  family  of  VPN  Access  Servers 

wins  more  business  because  it  meets 

industry  standards  and  real  customer  needs: 

■  Integrated  SLA  monitor 

■  RADIUS,  SecurlD  and  X.509  user  authentication 

■  Broadest  Client  Software  Support  -  Windows  95, 

98,  NT,  Macintosh,  Linux  and  Solaris  -  at  no 
additional  charge 

■  Fully  IPSec  compliant 

■  Y2K  compliant 

Only  Compatible  Systems  gives  you  this 

much  VPN  scalability: 

■  Remote  access  support  from  64  client 
connections  (IntraPort  2)  to  40,000  connections  at 
more  than  600  Mbps  (IntraPort  Enterprise-8) 

■  LAN-to-LAN  support  from  16  to  512  simultaneous 
connections 

■  The  most  complete  and  scalable  VPN  product  line 
available 

•  ,  V 'v‘  \ 

Visit  our  website  to  get  your 
complimentary  copy  of  our 
Technical  Evaluator's  Guide, 
a  straight-shooting  guide  to  VPN. 

www.compatible.com/evaluate_now/ 


Since  January,  our  VPN  solutions  have  been 
chosen  by  demanding  organizations  such  as: 

Apple  Computer 

ENTEX  Information  Systems 

Amazon.com 

Motorola 

Jet  Propulsion  Laboratory 
U.S.  Dept,  of  Energy 
Westinghouse 
PSINet 

Pacific  Stock  Exchange 
Yankee  Group 

and  nearly  a  thousand  companies  like  them. 

To  find  out  why,  call  1-800-356-0283,  or  visit 
www.compatible.com/ 


Compatible  Systems 

the  VIRTUAL  leader 


1.888.356.0283  www.compatible.com/ 


IntraPort,  IntraPort  Enterprise  and  IntraPort  Carrier  are  trademarks  of  Compatible  Systems  Corp. 
All  other  product  names  are  trademarks  of  their  respective  manufacturers. 
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YOUR  E-BUSINESS  SERVER 
WILL  BE  UP  AGAIN  IN  15  MINUTES 


Ssmtim' 


It  only  takes  the  blink  of  an  eye  to 


lose  customers.  And  we're  talking 
thousands,  maybe  even  millions. 

So  move  to  a  better  place — a  place 
you  can  rely  on.  AboveNet.  With 
our  own  global,  fiber  optic  network 
and  non-stop,  co-location  facilities, 
we  have  the  redundant  back  up 
power  systems  to  keep  e-businesses 
running  without  interruption. 

In  fact,  with  a  network  capacity  of 
24.7  Gbps,  award-winning  traffic 
routing  and  forecasting  tools,  we 
even  handle  network  problems 
before  they  happen. Combined  with 
direct  connections  to  more  networks 
than  anyone  else,  there  isn't  a 
more  reliable  place  on  the  web.  So 
your  site  is  open  for  business  when 
it  needs  to  be.  All  the  time.  AboveNet. 
The  best  place  for  business  on 
the  Internet.  To  find  out  more,  visit 
us  at  www.above.net  or  call  us  at 
1 -877-625-MOVE. 


Infrastructure  Special  Focus 


IP  Multicast  still  waiting 

for  takeoff 


BY  JASON  MESERVE 

During  the  1980s  and  early  1990s,  cellular  tele¬ 
phone  technology'  had  limited  reach  and  use. 
Fast  forward  to  2000,  and  it  seems  everyone 
owns  a  cell  phone. 

IP  Multicast  today'  is  the  same  as  early  cell 
phone  technology  —  useful  and  available,  but 
not  ubiquitous. 

Though  it  has  distinct  bandwidth-saving  advantages 
over  other  modes  of  transmission,  IP  Multicast  has  not 
taken  off  like  many  had  predicted  when  the 
technology  was  first  introduced  in  Steve 
Deering’s  doctoral  dissertation  in  1988. 

Multicast  technology  can  be  used  to  send 
data  —  such  as  streaming  media,  stock 
quotes  or  inventory'  updates  —  simultane¬ 
ously  from  one-to-many  or  many-to-many 
sources,  be  it  server  to  client  or  application 
to  application.  Unlike  the  more  widely  used 
unicast  technology,  which  employs  a  sepa¬ 
rate  connection  for  each  user,  multicast  has 
a  single  connection  for  every'  user. 

The  teclmology  can  reduce  traffic  on  the 
corporate  network  by  eliminating  redun¬ 
dant  access  to  the  same  content.  Multicast 
can  also  reduce  the  load  placed  on  network 
servers. 

Despite  its  advantages,  there  are  a  number 
of  obstacles  preventing  IP  Multicast  from 
becoming  a  dominant  means  of  data  deliv¬ 
ery.  For  multicast  to  work,  every  router  and 
switch  between  the  source  (usually  a  server) 
and  the  destination  (typically  as  desktop) 
must  be  multicast-enabled. 

That  fact  can  be  a  problem  for  companies 
that  have  lots  of  older  network  gear. 

“A  lot  of  these  enterprises  are  a  mixed  bag 
in  terms  of  what  they  have  for  equipment,” 
says  Stan  Schatt,  research  director  at  Giga  Group. “There 
is  still  something  like  6%  of  companies  with  token  ring. 
A  lot  of  networks  still  have  hubs,  not  switches.” 

Most  of  the  new  high-end  Layer  3  switches  from  the 
likes  of  Cisco,  3Com  and  Nortel  Networks  come  with 
multicast  support;  it’s  just  a  matter  of  turning  it  on.  “IP 
Multicast  is  a  very  important  feature,  not  just  a  check¬ 
off  item,”  say's  Esmeralda  Silva,  a  research  manager  at 
International  Data  Corp.  in  Framingham,  Mass.  “When 
deploying  any  switch  or  router  in  a  network  that  is 
going  to  distribute  different  types  of  data,  you’ve  got  to 
support  multicast.” 

Even  for  companies  with  multicast-enabled  net¬ 
works,  there  is  a  lack  of  management  tools  to  ensure 
smooth  operation. 

“People  are  looking  at  the  kind  of  management  tools 
available  in  the  enterprise.  We  have  a  couple,  but  there 
is  no  HP  OpenView  for  multicast,”  says  Christine 
FaUedti,  product  line  manager  for  multicast  and  quality 
of  service  at  Cisco.  “People  want  to  know  how  they’re 


A  laclt  of  management  tools, 
interoperability  issues  anti 
immature  protocols  slow 
the  bandwidth-saving 
technology's  growth. 


going  to  manage  multicast  once  they  deploy  it.” 

A  bigger  problem  is  IP  Multicast  over  the  Internet, 
where  no  single  entity  controls  the  entire  infrastructure. 
Backbone  service  providers  such  as  UUNET,  Qwest  and 
Sprint  offer  multicast  in  their  networks,  but  smaller  ISPs 
have  been  slower  to  implement  the  technology. 

Part  of  the  problem  is  technological.  Protocols  such 
as  Multicast  Border  Gateway  Protocol  have  been  devel¬ 
oped  to  help  ease  the  transmission  of  IP  Multicast  traf¬ 
fic  between  two  ISP  networks  but  are  still  relatively 
immature. 

To  help  spur  the  deployment  of  multicast,  Cisco 
helped  author  Protocol  Independent  Multicast  (PIM), 
which  is  currently  an  IETF  Internet  Draft. The  primary 
benefits  of  PIM  are  that  it  does  not  rely  on  any  routing 
protocol  to  work  and  is  ideal  for  large  or  small  enter¬ 
prise  networks.  Other  IP  Multicast  protocols  rely  on 
certain  routing  protocols,  such  as  Routing  Information 
Protocol  or  Open  Shortest  Path  First. 

As  happens  with  many  “standards”  however,  PIM’s 


implementation  may  vary  from  vendor  to  vendor, 
observers  say. 

“Some  PIM  implementations  will  not  talk  to  other 
versions  of  PIM,”  says  Jeremy  Hall,  an  engineer  at  UUNET 
and  an  IETF  member.  “It’s  complex  trying  to  get  every¬ 
one  to  agree  on  how  to  implement  the  technology.” 

IP  Multicast  is  also  designed  as  an  any-to-any  model, 
which  further  complicates  its  implementation,  says 
Rob  Coltun,  co-routing  area  director  at  the  IETF. 
Currently,  there  are  no  real  security  measures  that  pro¬ 
tect  multicast  traffic.  “How  do  you  ensure  that  any  one 
sender  is  allowed  to  send  to  a  given  group?” 
Coltun  asks.This  is  especially  problematic  for 
a  user  on  one  ISP  who  wants  to  broadcast 
information  to  a  group  on  another  ISP,  with  a 
third  ISP  standing  in  the  middle. 

Also,  because  IP  Multicast  is  broadcast 
over  a  reserved  Class  D  IP  address,  there  is 
some  worry  about  its  scalability.  Multicast 
uses  “routing  trees”  to  determine  its  path 
through  the  network.  Because  Class  D 
addresses  are  limited,  Coltun  fears  there 
won’t  be  enough  addresses  available  if  the 
technology  becomes  extremely  popular. 

But  this  is  not  to  say  IP  Multicast  isn’t  find¬ 
ing  some  roots. 

Cisco,  one  of  the  leading  proponents  of  IP 
Multicast,  claims  that  30%  of  Fortune  500 
companies  are  using  the  technology  for 
some  form  of  content  distribution.  Any 
device  that  runs  the  company’s  routing  soft¬ 
ware,  IOS  Version  10.2  and  later,  is  multicast 
enabled,  though  the  feature  is  not  turned  on 
by  default. 

Novell  uses  RealNetworks’  RealSystem  G2 
to  multicast  company  addresses  made  by 
CEO  Eric  Schmidt  to  every  desktop  in  the 
company.  “IP  Multicast  gives  us  bandwidth 
advantages  during  large-scale  events,”  says 
Benjamin  Brimhall,  manager  of  streaming  media  ser- 
vices.“The  experience  for  the  end  user  seems  to  be  bet¬ 
ter  reliability  as  well.  When  we  go  to  view  video,  we 
don’t  have  the  lag,  dropped  packets,  buffering  . . .  you 
don’t  run  into  the  network  congestion  problems.” 

Brimhall  says  each  broadcast  runs  between  80K  and 
200K  bit/sec,  depending  on  the  event.  The  company 
streams  audio  and  video  at  this  rate  over  a  WAN  to  its 
Provo,  Utah,  headquarters  and  offices  in  San  Jose,  which 
are  connected  by  a  T-3.  Novell  upgraded  its  network 
infrastructure  18  months  ago  to  ensure  everything  is 
multicast-enabled. 

“Multicast  is  still  moving  forward,”  says  the  IETF’s 
Coltun,  who  sees  a  combination  of  servers  and  ser¬ 
vices  that  combine  unicast  and  multicast  technologies 
to  deliver  data  as  efficiently  as  possible.  Under  this 
scenario,  corporations  can  multicast  data  as  far  out  on 
the  network  as  possible,  and  then  use  unicast  tech¬ 
nology  to  reach  those  in  areas  that  are  not  multicast- 
enabled.  B 


Multicast  vs.  unicast 

O  Unicast  technology  requires  separate  connections  to  each  client  from  the  server, 
which  can  use  up  a  lot  of  bandwidth  if  there  is  a  large  audience. 


Server 


O  With  multicast,  a  single  stream  can  be  picked  up  by  each  client,  saving  bandwidth. 
The  catch:  Each  router  between  the  server  and  client  must  be  multicast-enabled. 


MUM 
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Briefs 


The  Federal  Communications 
Commission  last  week  named 
David  Farber,  a  telecommunica¬ 
tions  professor  at  the  University  of 
Pennsylvania,  as  its  chief  technol¬ 
ogist.  Farber  will  replace  Stagg 
Newman,  who  steps  down  Jan.  14. 
According  to  an  FCC  statement, 
Newman  is  moving  to  North 
Carolina  for  family  reasons  and 
will  become  Senior  Telecommuni¬ 
cations  Practice  Expert  at  consult¬ 
ing  company  McKinsey  and  Co. 
Farber  heads  the  Center  for 
Communications  &  Information 
Science  &  Policy  and  the  Labor¬ 
atory  for  Distributed  Systems  at 
Penn.  He  directs  research  in  ultra- 
high-speed  networking,  computer 
architecture  design  and  distrib¬ 
uted  collaboration  methodology. 

Covad  Communications  and 
Pacific  Bell  have  worked  out  an 
automated  ordering  process  to 
speed  provisioning  of  circuits  for 
digital  subscriber  line  (DSL).  DSL 
carrier  Covad  must  lease  lines 
from  the  local  phone  company,  so 
any  streamlining  of  the  ordering 
system  can  cut  the  time  between 
customers  ordering  service  and 
actually  getting  it.  The  companies 
claim  it  cuts  loop-ordering  time  by 
25%  and  is  less  expensive  for 
PacBell  than  completing  order 
forms.  Covad  hopes  to  do  the 
same  with  other  local  carriers. 

Covad:  www.covad.com 

FutureUnk  is  now  playing  with 
the  big  boys.  Last  week  the  San 
Francisco  application  service 
provider  (ASP)  moved  its  trading 
stock  from  a  bulletin  board  trad¬ 
ing  site  to  NASDAQ.  The  stock 
opened  at  $30  per  share,  but  was 
selling  slightly  lower  midweek 
due  to  an  overall  drop  in  stock 
markets  around  the  world.  Of  the 
ASPs  that  make  up  the  ASP 
Consortium's  more  than  250  mem¬ 
bers,  only  about  25%  trade  shares 
publicly. 

FutureLink:  www.futurelink.net 
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ASPs  still  searching  for  the  right  mix 


BY  DENISE  PAPPALARDO 

Vendors  from  all  comers  of  the 
technology  arena  are  jumping 
through  hoops  to  be  part  of 
the  developing  application  service 
provider  (ASP)  market.  And  in  some 
cases,  this  means  they’re  struggling  to 
forge  new  identities  while  keeping  their 
old  ones  intact. 

Why  this  monumental  effort?  Market 
research  firms  are  projecting  a  substantial 
revenue  opportunity  for  ASPs.  Dataquest 
in  San  Jose  predicts  the  ASP  market  will 
create  revenue  reaching  $22.7  billion  by 
2003.  Companies  such  as  AT&T,  Intel,  MCI 
WorldCom,  Microsoft,  Oracle  and  Sprint 
want  a  piece  of  that  billion-dollar  pie.  Yet 
most  vendors  are  still  trying  to  figure  out 
what  application  service  model  works 
best  for  them  and  their  customers. 

In  November,  Microsoft  stepped  into 
the  hosted  applications  business  through 
the  creation  of  the  Microsoft  Office 
Online  partnership  program.Through  the 
program,  13  service  providers  have 
agreed  to  host  Microsoft  Office  2000  soft¬ 
ware  for  business  users.  Pricing  and  target 
customers  are  chosen  by  individual  ser¬ 
vice  providers,  which  include  Concentric 
Network,  FutureLink,  Telecomputing  and 
USintemetworking.  These  service  pro¬ 
viders  will  offer  their  customers  access  to 
hosted  Word,  Excel  or  Access  applications 
over  the  Internet,  says  George  Meng,  a 
Microsoft  product  manager. 

Despite  this  program’s  launch, 
Microsoft  seems  to  be  struggling  with 
how  to  cope  with  hosted  applications  and 


how  to  best  address  the  market.  It  believes 
users  at  midsize  to  large  companies  will 
continue  storing  Microsoft  applications 
locally.  A  business 
traveler  may  want 
Word  or  Excel  right 
on  his  machine 
rather  than  dial  in  to 
an  ASP  for  access, 

Meng  says. 

Plus,  Microsoft 
believes  some  users 
might  prefer  buying 
the  applications 
outright  rather  than 
from  an  ASP.  So 
Microsoft  plans  to 
sell  hosted  Office 
applications  directly 
to  small  business 
users  through  its 
bCentral  portal 
(www.  b  central, 
com).  In  a  sense, 
that  will  make 
Microsoft  a  com¬ 
petitor  to  its  13 
Microsoft  Office 
Online  program 
partners.  However,  Microsoft  has  yet  to 
determine  how  to  set  up  software  licens¬ 
ing  on  bCentral.  Whether  Microsoft  or  cus¬ 
tomers  would  own  the  Office  2000  soft¬ 
ware  license  is  not  clear. 

The  software  giant  is  viewing  the 
application  services  market  conserva¬ 
tively.  “We  do  believe  it  is  an  emerging 
market  and  not  something  people  will  be 
switching  to  wholesale  overnight,”  Meng 


says.  “It  will  be  two  to  five  years  before 
more  significant  changes  will  happen.” 

Oracle  seems  to  have  a  clearer  handle 
on  how  to  provide 
hosted  applications. 
That’s  probably  be¬ 
cause  Oracle  isn’t 
worried  about  can¬ 
nibalizing  its  cus¬ 
tomer  base  by  pro¬ 
viding  hosted  appli¬ 
cations,  says  John 
Repko,  vice  presi¬ 
dent  of  operations 
for  Oracle  Business 
Online. 

Repko  maintains 
the  small  to  midsize 
business  companies 
Oracle  Business  On¬ 
line  targets  would 
otherwise  not  be 
Oracle  customers. 
They  couldn’t 
afford  the  cost  of 
buying,  implement¬ 
ing  and  maintaining 
Oracle’s  high-end 
enterprise  resource 
planning  (ERP)  and  customer  relationship 
management  (CRM)  applications. 

What’s  more,  Oracle  Business  Online 
offers  no  software  customization,  although 
the  base  software  is  the  same.  That  means 
most  Fortune  500  companies,  because 
they  change  the  source  code  of  their  ERP 
or  CRM  applications  upon  implementa¬ 
tion,  will  find  it  virtually  impossible  to  host 
See  ASPs,  page  26 


Top  applications 


A  recent  Network  World 
study  of  about  300  readers 
shows  that  more  than  20%  are 
already  teaming  with  ASPs. 
Some  of  the  most  popular 
application  rental  services 
users  are  buying  include: 


Start-up  touts  low-cost  connections  over  optical  fiber 


BY  TIM  GREENE 

NORTH  ANDOVER,  MASS.  — 
Quantum  Bridge  says  it  has  tools  to  link 
computers  that  are  miles  apart  via  10M 
bit/sec  optical  fiber  connections  that 
cost  about  the  same  as  1.5M  bit/sec T-ls. 

The  15-month-old  company  claims 
carriers  that  use  its  passive  optical  net¬ 
work  gear  can  charge  $500  to  $1,000 
per  month  for  WAN  access  links  at  LAN 
speeds  and  still  recoup  their  hardware 
investments  within  a  year.  Similar  ser¬ 
vices  today  cost  $750  to  $2,000,  depend¬ 
ing  on  the  carrier,  bandwidth  and  dis¬ 


tance  between  the  customer  and  the  ser¬ 
vice  provider  switching  office. 

“It’s  upping  the  ante  here  about  how 
much  bandwidth  you  can  distribute 
affordably,”  says  Rosemary  Cochran,  an 
analyst  with  Vertical  Systems  Group  in 
Dedham,  Mass. 

Customers  need  inexpensive  high¬ 
speed  access  technology  that  lets  them 
take  advantage  of  the  mushrooming 
backbone  capacity  carriers  have  by 
virtue  of  advances  in  core  network  tech¬ 
nologies  such  as  dense  wave  division 
multiplexing,  Cochran  says. 

Vertical  Systems  says  76%  of  businesses 


with  75  employees  or  more  are  within  a 
mile  of  optical  fiber,  making  it  possible  for 
carriers  to  extend  fiber  directly  to  those 
potential  customers. 

Quantum  Bridge  equipment  splits 
wavelengths  of  light  into  time  slots  so 
each  wavelength  can  be  shared  by  up 
to  32  customers.  If  customers  need 
more  bandwidth,  they  get  it  in  1.7M 
bit/sec  chunks  by  adding  time  slots. 
Quantum  Bridge  says  its  gear  gives  car¬ 
riers  the  option  to  let  customers  add 
and  drop  bandwidth  using  secure  Web 
connections. 

See  Quantum,  page  26 
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Quantum, 

continued  from  page  25 

A  QB5000  optical  access  switch  at  a 
carrier  switching  office  assembles  cus¬ 
tomer  traffic  on  fiber  strands  and 
QB100  intelligent  optical  terminals  at 
customer  sites  pick  off  just  individual 
customers’  traffic. 

As  the  fiber  branches  out  from  the 
switching  office  to  reach  customers, 
the  light  is  diverted  using  passive  opti¬ 
cal  splitters  and  couplers  that  require 
no  electronics.  The  system  supports 
access  links  of  20  kilometers  or  more 
depending  on  how  many  customers 
are  being  fed  by  one  wavelength. 

Customers  plug  their  LAN  gear  in  to 
either  T-l  ports  or  a  10/100M  bit/sec 
Ethernet  port  on  a  QB100.  Later 
releases  of  the  equipment  will  feature 
Gigabit  Ethernet,  fiber  channel  and 
OC-3,  OC-12  and  OC-48  ports,  the 
company  says. 

Scheduled  to  ship  in  June,  the  com¬ 
pany’s  products  cost  $7,000  per  cus¬ 
tomer  for  200  QB  100s  supported  by  a 
fully  loaded  QB5000. 

Quantum  Bridge,  www.quantum 
bridge.com 


ASPs, 

continued  from  page  25 

an  application  with  Oracle  Online 
Business  rather  than  buying  the  software 
from  Oracle  properAnd  that,  in  turn,  safe¬ 
guards  Oracle’s  traditional  revenue 
source. 

With  the  Oracle  hosting  sendee,  a  cus¬ 
tomer  pays  a  software  license  fee  based 
on  the  number  of  users  who  will  access 
the  application  but  doesn’t  worn'  about 
maintaining  the  application.  Instead,  the 
customer  pays  Oracle  Business  Online  a 
monthly  sendee  charge. 

Oracle’s  ASP  model  differs  from  the 
approach  taken  by  competitors  such  as 
Corio  and  Telecomputing,  both  of 
which  bundle  the  software  licensing 
fees  into  monthly  bills.  While  ASPs  own 
the  software  license,  customers  own 
the  content,  these  providers  say. 

Traditional  data  service  providers 
make  obvious  ASPs,  but  that  doesn’t 
mean  hosting  applications  come  natural¬ 
ly  to  players  in  this  market  segment. 

Sprint  follows  one  approach,  AT&T 
and  MCI  WorldCom  subscribe  to  anoth¬ 
er.  In  October,  Sprint  announced  that  it’s 
teaming  with  Deloitte  Consulting  to 


offer  business  users  hosted  ERP  and 
CRM  applications  from  software  compa¬ 
nies  such  as  PeopleSoft,  SAP  and  Siebel 
Systems.  Sprint  brings  data  center  and 
network  services  expertise  to  the  table, 
while  Deloitte  delivers  application  sup¬ 
port  and  maintenance  know-how. 

Sprint  and  Deloitte  will  target  Fortune 
500  customers  rather  than  smaller  com¬ 
panies.  They’ll  do  so  by  pitching  cus¬ 
tomization  of  the  hosted  applications. 
Users  would  likely  pay  a  premium  for 
the  tweaks  because  that  software  could 
not  be  used  for  other  users,  flying  in  the 
face  of  the  one-to-many  hosted  applica¬ 
tion  model,  says  Meredith  Whalen,  an 
analyst  at  International  Data  Corp.,  in 
Framingham,  Mass. 

Meanwhile,  AT&T  is  busily  building 
data  centers  so  it  can  host  Web  servers 
for  business  users  and  application 
servers  for  ASPs,  says  Oleh  Danyluk,  gen¬ 
eral  manager  of  next-generation  IP  ser¬ 
vices  at  AT&T.  In  other  words,  AT&T  will 
provide  hosting  facilities  to  ASPs  rather 
than  get  into  the  ASP  business  directly. 

UUNET  is  hosting  application  servers 
for  providers  such  as  Telecomputing,  a 
worldwide  ASP  based  in  Fort  Lauder¬ 
dale,  Fla. Telecomputing  stores  its  appli¬ 


cation  and  database  servers  exclusively 
at  UUNET  data  centers,  and  customers 
can  only  use  UUNET’s  dedicated  Inter¬ 
net  access  services  to  get  to  rented 
applications. 

Analysts  predict  more  ASPs  will  align 
themselves  with  specific  providers.  In 
fact,Applicast,  an  ASP  in  Mountain  View, 
Calif.,  mostly  works  with  GTE  Internet¬ 
working,  while  Portera,  an  ASP  in 
Campbell,  Calif.,  works  exclusively  with 
Intel  Online.  Intel  Online?  Yes,  even  chip 
and  processor  giant  Intel  wants  a  piece 
of  the  hosting  pie.  3 
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SOFTWARE 

GIANT=ASP? 

Oracle  and  Microsoft  have  found  their  alter 
egos  as  application  service  providers.  But 
what  does  each  have  to  offer  customers? 
We  take  you  to  their  Web  sites  to  find  out. 
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Eye  on  the  carriers  .  David  Rohde 

New  telecom  era 


♦  ♦ 


.  SAME  OLD  AT &T  TACTICS 


Just  before  Christmas,  the  Fed¬ 
eral  Communications  Commis¬ 
sion  freed  Bell  Atlantic  to  go  into  the 
long-distance  business  for  its  cus¬ 
tomers  in  New  York. 

The  reaction?  MCI  WorldCom  and 
Sprint  said  fine,  let’s  compete.  Many 
competitive  local  exchange  carriers 
said  OK,  we  ll  just  keep  ordering 
local  loops  from  Bell  Atlantic.  Users 
generally  said  the  fewer  restrictions, 
the  better. 

AT&T  said  we’re  gonna  sue. 

Well,  isn’t  that  just  so  20th  century 
of  them? 

Regular  readers  of  this  column 
know  that  one  of  the  enduring  truths 
about  carriers  is  that  they  all  say  one 
thing  on  Wall  Street  and  the  opposite 
in  Washington.  If  there  was  ever  a 
more  brazen  example  of  this  than 
AT&T’s  behavior  at  the  end  of  1999, 1 


can’t  think  of  it. 

Not  three  weeks  before  the  FCC’s 
Bell  Atlantic  decision,  AT&T’s  bigwigs 
gathered  together  hundreds  of  ana¬ 
lysts  in  New  York  for  a  daylong  brag- 
fest.  They  showed  a  TV  ad  now  run¬ 
ning  in  New  York  offering  combined 
AT&T  local  and  long-distance  service 
to  consumers.  Then  they  projected 
that  the  number  of  such  AT&T  “all¬ 
distance”  customers  in  the  state  would 
zoom  from  the  current  100,000  to 
about  750,000  at  year-end  2000 
because  of  AT&T’s  brilliant  marketing. 

Yet  when  the  FCC  gave  Bell  Atlantic 
the  long-distance  nod,  AT&T’s  lobby¬ 
ists  roared  that  Bell  Atlantic’s  local- 
competition  systems  weren’t  up  to 
the  task.  In  their  lawsuit,  they  claimed 
AT&T  would  now  have  to  either  aban¬ 
don  the  New  York  local  market  or 
“ramp  up  its  orders  for  local  service” 


at  a  time  when  Bell  Atlantic’s  systems 
“will  profoundly  degrade  AT&T’s  repu¬ 
tation  for  providing  quality  service.” 

So  which  is  it,  AT&T?  Why  are  your 
marketing  folks  planning  a  huge  local 
ramp-up  if  it’s  going  to  destroy  the 
brand?  Or  is  this  just  about  AT&T  want¬ 
ing  to  continue  charging  a  monthly  fee 
on  its  best  long-distance  plans  — 
something  the  Bells  promise  not  to  do? 

But  there  are  bigger  issues  involved 
here  than  either  AT&T’s  or  Bell 
Atlantic’s  parochial  interests.  Tele¬ 
com’s  ridiculously  outdated  local/ 
long-distance  dichotomy  has  distorted 
everything  from  toll  charges  to  area 
code  arguments,  and  it’s  time  to  start 
getting  rid  of  it. 

And  there  are  unusual  dangers  in 
AT&T’s  opposition,  which  is  based  on 
the  claim  that  orders  to  switch  local 
service  don’t  always  flow  seamlessly 


through  Bell  Atlantic’s  electronic  sys¬ 
tems.  Basically,  AT&T  wants  some 
judge  to  rule  that  Bell  Atlantic  isn’t 
perfect.  Well,  as  more  than  one  net¬ 
work  manager  has  pointed  out  to  me, 
it’s  not  as  if  AT&T  never  misses  an 
installation  date.  How'd  AT&T  like  to 
have  a  court  probe  into  its  order-entry 
and  billing  systems? 

Everyone  agrees  the  telecom  indus¬ 
try  in  the  21st  century  has  to  stop 
being  about  legal  warfare  and  start 
being  about  competition  and  innova¬ 
tion.  Perhaps  AT&T  should  join  the 
new  era  now  that  it’s  under  way.  And 
no  letters  about  how  the  21st  century 
doesn’t  really  begin  until  next  year, 
thank  you  very  much. 

Rohde  is  a  senior  editor  with 
Network  World.  He  can  be  reached  at 
drohde@nww.  com. 
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Exabyte 

people  working  for  you' 


These  puppies  scream.  They’re  fast,  nigged,  reliable  and  easy  to  maintain  (and  the  car  ain’t  bad,  either).  The  Exabyte  M2  tape  drive  comes  loaded  with  features 
you'll  appreciate.  Like  a  12  MB/second  (30  MB  compressed)  transfer  rate  and  a  capacity  of  60  GB  (150  GB  compressed).  And  unparalleled  reliability. 

Seed  one  more  reason  to  go  for  a  30-day,  absolutely-no-obligation  test  drive?  How  about  a  chance  to  win  a  Sew  Turbo  Beetle  from  Volkswagen? 
Stop  by  your  local  reseller  and  find  out  more.  And  you  might  want  to  huny  —  these  puppies  are  going  fast. 

1 .800.EXABYTE  www.m2wins.com 

Exabyte  is  a  registered  trademark  and  M2  is  a  trademark  oj  Exabyte  Corporation.  1  -  , 

Xo  purchase  nccessctn:  Same  restrictions  apply.  Complete  official  rules  available  at  wtvw.mZufiiisiivm.  '  . 


Mm 


■ 

-  •  ■  ^ « 


Network  World  January  1  0,  2000  www.nwfusion.com  27 


Solutions 


ADSL  Multi-Rate 

•  Single-chip  transceiver 

•  12  Mbps/1  Mbps 
on  short  loops 

•  Interoperable 

•  Software  upgradable 

•  Low  power 


lotoroia  »s  a  registered  trademark  and  The  Heart  of  Smart.  CopperGold.  DigilalDNA  and  the  DigttaiDN/gjfb  are  trademarks  of  Motorola,  Inc 


Wm 

more  excitement  to  more 


from  Motorola 


OF  SMART 


■ 


And  it’s  outta  here.. .Motorola’s  new  CopperGold  Multi-Rate  solution  pushes  reach  and 


of  up  to  12  Mbps  on  short  loops,  with  service  beyond  20,000  feet.  It’s  our  smartest 


from  Motorola.  DigitalDNA  is  chips,  systems,  software  and  the  ideas  of  thousands  of 
innovative  engineers.  Our  CopperGold  Multi-Rate  solution  has  the  flexibility  to  support 


power  and  greater  port  density.  So  come  check  out  our  next-generation  multi-rate 
solution.  And  join  the  crowd  of  CopperGold  fans. 


Stackable 


Switches  &  Switching  Routers: 

Fastlron  Workgroup  &  Backbone  Switches 
Netlron  Switching  Router 
Turbolron/8  Switch  &  Switching  Router 


Serverlron 


Server  Load  Balancing  and  Transparent 
Caching  Switch 


Fastlron  II 

Wiring  Closet  Switches: 

Fastlron  II,  Fastlron  II  Plus,  Fastlron  II  GC 
and  Fastlron  II  Plus  GC 


Biglron  4000 

Switch  &  Switching  Router 


Biglron  8000 

Switch  &  Switching  Router 


Whenever  top-tier  ISPs  like  AOL®,  Yahoo!®  and  MindSpring®  cry  out  for 
maximum  speed,  we  heed  their  call.  When  enterprises  like  First  Union 
National  Bank,  LTV  Steel  and  Paramount  Pictures®  grasp  for  reliability, 
we  leap  to  the  rescue.  And  when  organizations  like  the  University  of 
Southern  California  and  the  National  Institutes  of  Health  search  the 
world  for  price  and  performance,  we  arrive  just  in  time. 

We're  Foundry  Networks.  And  we've  got  powers  no  one  else  can  match. 
For  starters,  we're  the  only  vendor  to  offer  super-fast  10/100  and  Gigabit 
Ethernet  switches  for  Layers  2, 3,  and  4-7 — all  totally  integrated.  Plus 
Packet  Over  SONET  WAN  links.  That’s  product  breadth  from  the  network 
edge  to  its  core. 

Then  there's  our  super  feature  set.  Integrated  multi-protocol  wire-speed 
routing  and  application-enabled  Layer  4-7  switching.  Plus  64  port  Gigabit 


Ethernet  density  at  up  to  96  Mpps  for  maximum  investment  protection 
and  flexibility. 

Yes,  we've  won  multiple  awards  for  product  and  corporate  excellence, 
but  we're  not  in  this  business  for  the  praise.  We're  in  it  to  give  our 
customers  IronClad  Network  Performance.  Does  that  make  us  super¬ 
heroes?  We  don't  know.  But  our  customers  might. 

Visit  www.foundrynetworks.com/nwl  for  a  hot  deal  on  our  hot  products. 
Or  call,  1-888-TURBOLAN  (887-2652). 

phone:  408.530.3300 
visit:  www.foundrynetworks.com 
email:  info@foundrynet.com 
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Enterprise 


Inprise  last  week  said  it  will 
launch  the  new  version  of  its 
InterBase  database  management 
system  as  open  source  software. 
The  company  will  release  the 
source  code  for  Version  6  of  its 
SQL  database  for  Linux,  Windows 
NT  and  Solaris  at  an  unspecified 
date  early  this  year.  The  Scotts 
Valley,  Calif.,  firm  will  continue  to 
sell  and  support  InterBase  5.6 
through  normal  channels. 

Inprise:  www.inprise.com 

Acta,  a  Palo  Alto,  vendor  of 
add-ons  for  SAP's  R/3  enterprise 
resource  planning  systems,  last 
week  shipped  a  $75,000  software 
module  called  Customer  Billing 
eCache.  The  module  provides  a 
way  to  share  business  data 
between  e-commerce  servers 
and  back-end  SAP  systems. 

Acta:  www.acta.com 

Axent  Technologies  has 
unveiled  the  PowerVPN,  an  IP 
Security  (IPSec)  virtual  private 
network  server  that  runs  on 
Windows  NT  and  can  be  used  as 
a  secure,  remote  server  or  as 
part  of  Axent's  Raptor  firewall. 
PowerVPN,  which  ships  with 
free  IPSec  client  software,  sup¬ 
ports  the  lETFs  Internet  Key 
Exchange  protocol.  The  Power¬ 
VPN  Server  and  the  firewall- 
based  PowerVPN,  set  to  ship 
this  quarter,  cost  $2,000  sepa¬ 
rately  or  $2,500  for  both. 

Axent:  www.axent.com 

CheckFree  Holdings  has 

announced  it  will  acquire  Blue- 
Gill  Technologies,  a  maker  of 
Internet  billing  applications,  in  a 
stock  swap  valued  at  approxi¬ 
mately  $250  million.  The  deal  will 
bring  CheckFree  new  customers 
in  South  America  and  Europe, 
including  Barclay's  Bank  and 
Cable  &  Wireless.  CheckFree 
offers  bill-payment  processing 
and  other  services. 


IN-SITE:  Lessons  from  Leading  Users 
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Secure  extranet  is  just  what  the  doctor  ordered 


BY  ELLEN  MESSMER 

he  National  Board  of  Medical 
Examiners  (NBME),  whose  job  is 
to  accredit  physicians  in  the  U.S., 
has  set  up  an  extranet  to  provide 
online  access  to  doctors’  test 
scores  and  other  data. 

Medical  schools,  state  medical  licens¬ 
ing  authorities,  hospitals  and  other 
organizations  need  to  know  how  med¬ 
ical  students  have  scored  on  the  tough 


exams  given  by  the  NBME,  which  also 
keeps  track  of  whether  or  not  physi¬ 
cians  are  in  good  standing. 

The  NBME  decided  it  could  dissemi¬ 
nate  such  information  much  more 
quickly  over  the  Web  than  it  could  via 
paper.  The  NBME’s  main  challenge  was 
finding  a  way  to  really  be  sure  of  the 
online  user’s  identity  and  restrict 
access  to  the  appropriate  information, 


all  housed  in  an  Oracle  database. 

“Once  we  decided  to  use  the  Web, 
we  needed  to  have  a  good  way  to  qual¬ 
ify  users  online  to  make  sure  they  are 
who  they  say  they  are,”  says  Steve 
Lopez,  the  NBME’s  director  of  IT. 

Simple  passwords  and  IDs,  used  over 
and  over  again,  were  seen  as  inade¬ 
quate  because  they  can  easily  be  com- 
See  NBME,  page  34 


Medical  board  cuts  down  the  paper  trail 
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The  National  Board  of  Medical  Examiners  installed  a  Web-based  extranet  to  give  hospitals  and  medical  colleges  secure 
access  to  physician  records. 

©The  bridge  server  sends  the  request  to 
the  WebDefender  Server,  which  checks 
the  user's  identity  and  password  against 
a  list  of  authorized  users.  If  OK,  Web¬ 
Defender  issues  a  software  "ticket." 


©  A  user  logs  on  to  the  SecureLink  Bridge 
Server  at  the  NBME's  site,  using  a  one-time 
password  generated  by  a  WebDefender 
software  token  on  his  or  her  PC. 


Medical 
school  user 
with  software 
token 
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Internet 


With  the  ticket,  the  user  is  granted  limited  access  to  securely 
download  physician  records  on  an  Oracle  Web  server  and  database' 
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Oracle  Web  server 
and  database 


Mail.com  buys  e-mail  service  firm  Lansoft 


BY  CAROLYN  DUFFY 
MARS AN 

NEW  YORK  —  As  part  of  an  ongoing 
effort  to  bolster  its  position  in  the  corpo¬ 
rate  e-mail  outsourcing  market,  Mail.com 
of  New  York  last  week  acquired  Lansoft  of 
Columbus,  Ohio.  The  financial  terms  of 
the  deal  were  not  disclosed. 

The  Lansoft  deal  is  Mail.com’s  fourth 
acquisition  in  less  than  six  months  —  all 
designed  to  increase  Mail.com’s  corporate 
customer  base  and  service  offerings.  In 
August,  MaU.com  purchased  The  Allegro 
Group  of  Dayton,  Ohio,  which  provides 
Internet  e-maU  management,  screening 


and  hosting  services  to  1,000  companies. 
In  October,  MaU.com  acquired  TCOM  of 
Morristown,  N.J.,  which  provides  software 
development  services  to  telecommunica¬ 
tions  carriers.  And  in  December,  MaU.com 
announced  plans  to  acquire  NetMoves  of 
Edison,  N.J.,  which  provides  Internet  fax 
and  document  delivery  services  to  7,000- 
plus  companies. 

Messaging  application  service  pro¬ 
viders  “are  looking  for  ways  to  break  out 
of  the  consumer  model  that  they’ve  been 
successful  in  and  position  themselves  for 
the  outsourced  business  market,”  says 
Mark  Levitt,  research  director  of  coUabo- 
rative  computing  at  International  Data 
Corp.,  in  Framingham,  Mass.  “It’s  a  big 
change  going  from  an  advertising-based 
wholesale  hosted  e-maU  business  for  con¬ 
sumers  to  a  business  messaging  model, 
where  you’re  paid  on  an  annual  basis  for 
resource-intensive  services.” 

Levitt  says  competitors  Critical  Path 


and  USA.NET  are  ahead  of  MaU.com  in 
terms  of  attracting  corporate  customers 
but  that  the  market  is  stiU  too  smaU  and 
too  new  to  rank  the  players.  Both  Critical 
Path  and  USA.NET  also  recently  acquired 
or  licensed  software  technology  required 
to  support  enterprises. 

“There  are  a  lot  of  players  betting  that 
[corporate  outsourced  messaging]  is 
going  to  happen  this  year  or  next,”  Levitt 
See  Mail.com,  page  34 


www.nwfusion.com 


ADVENTURES  IN 

E-MAIL 

Read  how  United  took  flight  with 
outsourced  Web  mail.  The  airline  ditched 
its  client/server  messaging  system,  citing 
cost  savings  and  scalability  benefits. 
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/'ve  tried  for  23  years  to  "make  it,”  yet 
won't  wait  8  seconds  to  buy  a  CD  online 


THIS,  MY  FRIEND,  DOES  NOT  ROCK 


Source:  Networkshop  testing,  1999:  http://www.networkshop.cd 


If  we  knew  what*drove  certain 
people  to  do  certain  things,  we'd  open 
a  chain  of  market  research  joints  and 
make  a  killing.  Instead,  we've  come  up 
with  something  of  far  greater  value  to 
you;  a  way  to  make  your  Web  site  fly 
In  secure  lode. 


By  using  ihe  first  Commerce 
Accelerators  designed  specifically  for 
e-commerce  sites,  you'll  get  the  most 
out  of  your  server  farm.  Our  Commerce 
Accelerator  1000  ,  for  instance,  can 
increase  the  processing  of  encrypted 
messages  by  up  to  50  times*. 


www.really-heavy-metal.com 


To  see  how  much  faster  things  run  with  I  Pivot "  and  get  information  on  how  we  can  speed  up  your  Web  site,  visit  ours 


Enterprise  Applications 


'Net  Insider  .  Scott  Bradner 

What  will  it  look 


like? 


he  beginning  of  a  new  year, 
decade  and  century  seems  to 
get  we  pundits  looking  back  to  history 
while  at  the  same  time  trying  to  pre¬ 
dict  the  future,  and  I  am  not  immune. 

I  started  writing  this  column  in 
January  1993  The  network  world  was 
a  very  different  place  at  that  time.  I 
doubt  that  many,  if  any,  observers  in 
those  days  could  have  predicted  the 
Internet  of  today  or  the  push  toward 
the  convergence  of  telecommunica¬ 
tions  technologies  that  seems  to  be 
on  the  near  horizon. 

In  the  early  days  of  this  column  I 
spent  time  justifying  an  interest  in 
the  Internet  in  the  face  of  the  pre¬ 
vailing  opinion  that  it  was  going  to 
be  replaced  by  something  real. 
Newsweek  and  Time  both  said  so  in 
big  cover  stories  on  the  national 
information  infrastructure.  The  edi¬ 


tors  of  these  publications  also 
admonished  me  for  spending  too 
much  time  on  this  toy  called  the 
Internet. 

It’s  a  bit  different  today,  with  Time 
giving  its  Person  of  the  Year  award  to 
Amazon. corn’s  Jeff  Bezos  for  chang¬ 
ing  the  basic  nature  of  the  retail  busi¬ 
ness,  and  with  the  Internet  figuring 
prominently  in  Newsweek’ s  predic¬ 
tions  for  the  next  century.  Few  now 
doubt  the  impact  of  the  Internet. 

But  it’s  still  a  mysterious  and  worri¬ 
some  thing  to  many,  including  fellow 
columnist  Thomas  Nolle,  who  in  the 
Dec.  20, 1999  issue  of  Network  World 
doesn’t  quite  seem  to  understand 
that  the  Internet  is  international. 

I  think  that  two  things  enabled  the 
Internet  to  become  what  it  has 
become:  the  end-to-end  model  and 
the  lack  of  government  regulations. 


The  end-to-end  model  in  the 
Internet  means  that  data  flows 
between  end  systems  without  any¬ 
thing  special  happening  in  the  mid¬ 
dle.  In  particular,  you  and  I  can  come 
up  with  a  new  application  and  try  it 
out  over  the  Internet  without  having 
to  get  anyone’s  permission. 

And  the  lack  of  government  regu¬ 
lations  regarding  what  one  can  and 
can  not  do  (in  the  name  of  increasing 
reliability,  for  example)  permits  these 
experiments  to  continue. 

But  the  Internet  is  getting  too 
important  in  too  many  people’s 
minds.  It’s  getting  too  important  to  be 
left  to  the  technical  people  and  entre¬ 
preneurs.  So  governments  will  step  in 
to  help  make  sure  the  Internet  suc¬ 
ceeds,  and  they  may  seriously  reduce 
its  chances  of  success  in  the  process. 

Arthur  C.  Clarke  observed  that  any 


significantly  advanced  science  is 
indistinguishable  from  magic.  Today’s 
Internet  would  be  close  to  magic 
when  viewed  from  January  1993.  I 
hope  that  the  Internet  of  2010  is  as 
magical  when  viewed  from  the  cur¬ 
rent  era.  I  predict  it  will  be,  if  gov¬ 
ernments  don’t  help  too  much  and 
compromise  the  end-to-end  model 
with  too  many  regulations.  But  I  fear 
they  will. 

I  should  have  a  more  positive  atti¬ 
tude  at  the  start  of  a  new  century, 
but  I  don’t. 

Disclaimer:  Harvard  does  not  have 
formal  opinions  on  centuries,  so  the 
above  is  my  own  pessimism. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 
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continued  from  page  31 

promised  through  sharing  with  others, 
he  says. 

The  better  answer  for  the 
extranet,  Lopez  says,  was 
what  security  experts  call 
“two-factor  authentication” 

—  which  means  generating  a 
one-time  password  through  a 
software  or  hardware  token 
given  to  the  user  along  with  a 
unique  PIN  number. 

Because  the  NBME  was 
satisfied  with  the  Raptor  fire¬ 
wall  from  Axent  Tech¬ 
nologies  it  has  been  using  for 
a  long  time,  Lopez  last  year 
looked  at  adding  two  other 
Axent  products  —  the  SecureLink 
Bridge  Server  and  WebDefender.  These 
two  products  work  inside  the  intranet  to 
provide  the  remote  user  with  single  sign- 
on  to  Web  pages. 

The  Unix-based  SecureLink  Bridge 
Server  acts  as  a  proxy  to  the  firewall  for 
the  remote  user  —  in  this  case, 
an  individual  at  a  medical  school  or 
other  organization  who  wants  to  obtain 


The  NBME's  Steve 
Lopez  found  a  way 
to  make  Web  trans 
actions  secure. 


physicians’  records.  The  outsider  has  to 
prove  his  identity  over  the  Web  by  enter¬ 
ing  a  one-time  password  created  by  the 
WebDefender  software  token  issued  by 
the  NBME. 

The  bridge  server  passes 
this  identity  authentication 
request  to  the  WebDefender 
server,  and  if  the  remote 
user’s  identity  checks  out, 
WebDefender  issues  a  soft¬ 
ware  ticket.  The  ticket  grants 
restricted  access  to  a  Web 
application  server. 

“We  have  about  130  out¬ 
side  people  from  medical 
schools  using  this  to  get  test- 
score  information  from  the 
NBME,”  says  Lopez,  who 
notes  the  system  has  been  in 
place  since  the  fall. 

The  NBME’s  IT  staff  made  sure  to 
keep  the  organization’s  business  divi¬ 
sions  fully  informed  about  the  extranet 
project  to  encourage  future  use  of  the 
technology. 

The  next  extranet  appfication  under 
way  at  the  NBME  will  give  college  pro¬ 
fessors  a  way  to  discuss  testing  online 
rather  than  in  person.  E 


Mail.com, 

continued  from  page  31 

adds.  ’’We’ll  see  it  being  a  trickle  that  will 
grow  in  the  coming  year,  but  I  don’t 
expect  huge  numbers  of  companies  fully 
outsourcing  their  e-mail.” 

Lansoft  provides  e-mail  management, 
e-commerce  and  Web-hosting  services  to 
about  700  companies,  including  Wilson 
Sporting  Goods,  Oriol  Healthcare,  Echlin 


and  Landmark  Education  Corp.  Under 
the  terms  of  the  acquisition,  lansoft ’s 
data  center  and  1 1  employees  will  move 
to  Dayton  and  become  part  of 
Mail.com  s  Allegro  Group  subsidiary. 

Mail.com  manages  more  than  seven 
million  Web-based  e-mail  boxes  and  has  a 
staff  of  120.  Mail.com  provides  e-mail  ser¬ 
vices  to  consumers,  ISPs,  Web  sites  and, 
through  Allegro,  corporations. 

Mail.com:  http://corp.mail.com 
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Dr  Intranet 


By  Steve 
Blass 

We  have  a 
small  Windows 
NT  intranet  with 
Windows  95  work¬ 
stations.  We  obtained 
digital  subscriber 
line  (DSL)  service 
with  nine  IP  addresses  (209.31. 
36.29  through  .37,  gateway  is 
209.31. 36.1),  configured  TCP/IP 
on  the  workstations  and  every¬ 
thing  worked  fine.  We  then 
obtained  a  stock  quotation  sys¬ 
tem  for  three  workstations.  We 
installed  the  equipment  and  re¬ 
addressed  the  workstations 
(210.7.75.67  through  .69,  gateway 
address  is  210.7.75.65).  The 
stock  service  works  fine,  but  it 
killed  the  DSL  Internet  access. 

Our  back-office  system  has 
two  NT  workstations  connected 
to  a  Unix  box  using  IP  ad¬ 
dresses  192.168.0.1  through  .3  on 
the  same  Ethernet  segment  as 
the  rest  of  the  office.  We  want 
to  let  the  back-office  system 
use  the  DSL  Internet  service. 

Are  there  built-in  facilities 
within  Win  95  that  will  let  the 
stock-feed  workstations  also 
access  the  'Net  through  our  DSL 
service?  How  about  the  back- 
office  workstations?  Do  we 
have  to  employ  a  hardware 
solution,  such  as  a  router? 

Via  the  Internet 

You  could  provide  'Net  ac¬ 
cess  to  the  back-office  systems 
by  giving  them  IP  addresses  in 
the  209.31.36.x  range.  You  may 
be  able  to  configure  the  stock- 
feed  workstations  to  talk 
through  both  gateways  by  abus¬ 
ing  the  Win  95  route  command, 
but  your  gateways  may  not 
cooperate.  A  router  or  a  work¬ 
station  with  multiple  network 
cards  to  route  between  your  IP 
subnets  would  solve  the  ad¬ 
dress  resolution  problems. 

Blass  Is  a  network  archi¬ 
tect  at  Sprint  Paranet  in 
Houston.  You  can  reach  him 
at  dr.intranet@paranet.com. 
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HDSL2:  Why  1  wire  is  better  than  2 


BY  KEITH  ATWELL 

While  the  price  of  raw  cop¬ 
per  may  be  low,  the  cost 
of  installing  new  copper 
facilities  is  higher  than  ever.  That 
means  carriers  must  do  whatever  they 
can  to  leverage  their  existing  copper 
infrastructures. 

The  answer  for  most  telephone  com¬ 
panies  is  high-bit-rate  digital  subscriber 
line  (HDSL)  or  the  newer,  two-wire 
HDSL2.  A  widely  deployed  symmetrical 
DSL  service,  HDSL  provides  full  T-l  ser¬ 
vice,  or  a  bidirectional  rate  of  1.5M 
bit/sec,  over  two  copper  pairs.  In  con¬ 
trast,  HDSL2  uses  only  one  copper  pan¬ 
to  provide  the  same  level  of  service. 

Small  to  midsize  business  can  expect 
to  see  telcos  using  HDSL2  as  a  T-l 
replacement  that  will  provide  more  eco- 

UP  CLOSE 

Comparing  HDSL  and  HDSL2 


nomical  deployments. 

By  changing  the  line  code  from  2B1Q 
to  TC  PAM  with  spectral  shaping,  HDSL2 
not  only  provides  full  T-l  service  using  a 
single  copper  pair  on  loops  that  meet 
the  Carrier  Service  Area  deployment 
guidelines,  but  it  also  resists  noise  result¬ 
ing  from  coexistence  with  other  DSL  ser¬ 
vices.  And  because  it  uses  only  two 
wires,  HDSL2  consumes  half  the  copper 
resources  of  its  four-wire  predecessor. 

Like  other  flavors  of  DSL,  HDSL2  lets 
carriers  deploy  high-speed  data  services 
using  existing  copper  facilities.  This 
means  service  providers  don’t  need  to 


invest  time  and  money  to  replace  cop¬ 
per  wires  with  fiber  optic  cables,  making 
HDSL2  an  excellent  solution  wherever  a 
large  investment  in  copper  has  already 
been  made  and  service  needs  continue 
to  grow. 

The  economic  benefits  of  HDSL2  are 
enormous  because  providers  potentially 
will  be  able  to  generate  twice  as  much 
revenue  from  two  copper  pairs  as  they 
can  with  either  HDSL  or  traditional  T-l. 
Use  of  HDSL2  also  allows  the  local  carri¬ 
er,  which  owns  the  copper  wires,  to  alle¬ 
viate  “copper  exhaust,”  or  the  shortage 
of  copper  facilities.  Finally,  local  carriers 


can  increase  revenue  by  using  the  exist¬ 
ing  copper  pairs  to  deploy  more  ser¬ 
vices,  or  by  leasing  more  copper  pairs  to 
alternative  service  providers. 

Additional  benefits  are  found  in 
HDSL2’s  fast  deployment  and  customer 
turnup,  which  follow  the  example  set  by 
HDSL.  For  most  carriers,  reducing  the 
time  technicians  spend  in  the  field  is  key 
to  the  success  of  a  new  technology. 
Likewise,  quick  turnup  is  essential  for 
maintaining  good  customer  relations 
and  avoiding  lost  revenue.  In  fact,  telcos 
can  provision  high-speed  digital  services 
over  existing  copper  with  HDSL2  within 


24  hours.  That  makes  it  the  fastest  and 
most  cost-effective  option  for  deploying 
T-l/E-1  lines. 

Vendor  interoperability  will  be  anoth¬ 
er  critical  factor  in  the  success  of 
HDSL2.  Because  lack  of  vendor  interop¬ 
erability  creates  difficult  deployments 
and  limits  providers  to  specific  vendors, 
many  providers  are  wary  of  venturing 
into  new  territory.  Although  HDSL  is  the 
most  widely  deployed  DSL,  it  is  not  gov¬ 
erned  by  a  standard. The  pending  HDSL2 
standard,  as  defined  by  the  ANSI  T1E1.4 
committee,  contains  sufficient  technical 
detail  to  let  vendors  deploy  interopera¬ 
ble  products. 

Toward  this  end,  the  indus¬ 
try-led  HDSL2  Consortium, 
composed  of  leading  telecom¬ 
munications  product  and  chip 
vendors,  will  work  together 
with  the  University'  of  New 
Hampshire  Interoperability 
Laboratory  to  test  vendor 
products  for  interoperability'. 
The  combined  efforts  of  the 
Consortium,  the  university  lab 
and  the  committee  are 
expected  to  avoid  interoperability  prob¬ 
lems  such  as  those  associated  with  early 
ISDN  deployments. 

Among  the  most  sophisticated  DSL 
technologies,  HDSL2  benefits  service 
providers  and  subscribers  alike.  To  sum¬ 
marize,  this  copper-saving  technology: 

•  Minimizes  self-induced  noise  using 
offset  bandwidths  in  the  upstream  and 
downstream  directions. 

•  Optimizes  performance  by  reducing 
noise  in  the  presence  of  other  DSL  tech¬ 
nologies  using  “OPTIS”  spectral  shaping. 

•  Allows  transport  of  full  T-l  data  rates 
using  CSA  deployment  guidelines  on  a 
single  copper  pair. 

Ensuring  healthy  competition 
through  interoperability,  HDSL2  benefits 
service  providers  as  well  as  other  market 
segments.  Because  HDSL2  chipsets  and 
products  will  be  available  from  multiple 
sources  in  the  near  future,  competition 
will  increase  as  service  providers 
demand  the  best  products  for  the  best 
prices.  This  will  result  in  economical 
deployments,  and  in  lower  costs  to  con¬ 
sumers  for  T-l  services  delivered  by 
HDSL2. 

Atwell  is  a  product  line  manager  at 
Adtran,  a  maker  of  transmission  / Prod¬ 
ucts  for  high-speed  digital  communica¬ 
tions.  He  can  be  reached  at 
keith.atwell@  adtran.com. 


Midsize  businesses  can  expect  to  find  lower-priced  services  from  carriers 
deploying  HDSL2  because  this  newer  version  of  high-bit-rate  digital  subscriber 
line  lets  providers  reap  additional  revenue  from  existing  copper  infrastructures. 
Because  it  uses  only  two  wires,  HDSL2  consumes  only  half  the  copper  resources 
of  four-wire  HDSL. 


Characteristic 

HDSL 

HDSL2 

Payload 

T-1  at  1 .54M  bit/sec 

T-1  at  1.54M  bit/sec 

Pairs 

One 

Two 

Line  code 

2B1Q 

TC  PAM  with  spectral  shaping 

Line  rate 

2  at  784K  bit/sec 

1 .552M  bit/sec 

Maximum  loop  length 

9,000 -12,000  feet 

9,000-12,000  feet 

(depending  on  wire  gauge) 

Noise  margin  on  CSA  Loops  1-8 

6  decibels 

5  decibels 
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Technology  Update 


Aarhead  —  inside  the  network  machine  .  Mark  Gibbs 


An  inside  look  at  how  new  web  apps  get  data  from  forms 


Bn  the  last  installment  of  Gearhead, 
we  started  to  answer  a  reader’s 
question:  “How  does  a  Web  server 
application  get  data  from  a  form?” 

We  got  as  far  as  discussing  what  goes 
on  in  an  HTTP  transaction,  so  this  week 
well  start  to  answer  the  question.  (This 
is  w  hat  irritates  so  many  noncomputer- 
Iiterate  people  —  they  ask  you  what 
they  think  is  a  simple  question  and 
when,  two  hours  later, you’ve  explained 
the  first  minute  fragment,  they  get 
crank)'.  Rest  assured,  there’s  no  way  out 
of  this  social  problem,  and  you’ll  just 
have  to  get  used  to  the  grief.) 

So,  we  talked  about  the  browser 
sending  the  Web  server  a  GET  request. 
Let’s  look  at  that  GET  request  again. 
GET/stuff/mydoc.html  HTTP/1.0 
User-Agent:  xxxxxx 
Accept:  image/gif,  image/jpeg,  */* 
The  actual  request  (GET/stuff/ 
mydoc.html)  is  in  the  HTTP  header  (in 
fact,  there’s  nothing  but  a  header  in  a 
GET  request)  and  in  this  case,  the 
objective  is  to  retrieve  a  Web  page.  But 
when  a  form  is  involved,  GET  requests 
are  more  complex  because  they 
involve  a  back-end  application.  For 
example: 

GET/cgi-bin/myapp.pl?search= 


Gearhead%20columns&hits=  1 0 
HTTP/1.0 

User-Agent:  xxxxxx 

Accept:  image/gif,  image/jpeg,  */* 

Here  we’re  asking  for  the  Perl 
application  myapp.pl  to  be  run,  and 
we’re  also  supplying  the  data  to  be 
sent  to  the  program,  that  is  the  string 
“search=Gearhead%20columns” . 

Note  the  question  mark  —  every¬ 
thing  following  it  is  called  the  query 
string  and  the  query  string  is  passed  to 
the  application  (which  is  launched  by 
the  Web  server)  in  an  environment 
variable  called  QUERY_STRIN  G. 
(Environment  variables  are  memory- 
based  text  strings  that  most  operating 
systems  provide  for  interprocess  com¬ 
munications.) 

Note  that  the  “%20”  is  the  way  non- 


alphanumeric  characters  are  encoded 
in  URLs  sent  by  Web  browsers.  The 
encoding  is  simply  the  ASCII  hexadeci¬ 
mal  value,  and  the  encoding  is  done  to 
allow  special  characters  to  be  used  to 
separate  the  parts  of  the  URL.  For 
example,  space  characters  define  the 
beginning  and  end  of  the  URL  that  is 
the  target  of  the  GET  request.  Also,  the 
ampersand  separates  arguments  in  the 
URL.  Each  argument  has  the  structure: 
<key>=<value>. 

If  a  form  generated  the  request,  each 
<key>  is  the  name  of  a  field  (defined 
by  that  field’s  NAME  attribute). 

Note  that  a  form  doesn’t  have  to  be 
the  generator  of  the  request  —  the 
same  request  could  be  made  by  an 
application  that  constructs  the  HTTP 
header,  opens  a  TCP  socket  to  a  Web 
server’s  port  (80  by  default)  and  sends 
the  request  directly  —  but  that’s  prob¬ 
ably  best  left  for  another  column. 

Anyway,  to  generate  the  HTTP 
request  above  we  could  use  the  form: 
<form  method=“GET”> 

<p>Search  term:  <input  type= 
“text  ”  name= “search”  size= “  20”  >  </p> 
<p>Number  of  hits:  cinput  type= 
“text”  name=“hits”  size=“20”x/p> 
<pxinput  type=“submit”  value= 


“Submit”x/p> 

<pxinput  type=“reset”  value= 
“Reset”x/p> 

</form> 

Now,  in  the  QUERY_STRING  envi¬ 
ronment  variable  is  the  whole  query 
string  in  its  raw,  encoded  form,  i.e., 
“search=Gearhead%20columns&hits 
=  10”.  This  means  that  the  program 
has  to  pick  apart  the  various  argu¬ 
ments  and  decode  the  encoded  char¬ 
acters.  Luckily,  the  tedious  code  to  do 
this  is  available  in  libraries  for  most  of 
the  major  languages,  Perl  included. 

So,  what’s  the  downside  of  the  GET 
method?  The  space  put  aside  to  hold 
the  operating  system’s  environment 
variables.  Throw  too  many  fields  into 
your  form  or  cram  too  much  data  in  a 
field  and  your  data  gets  truncated  or 
something  else  goes  wrong. 

Is  that  all  there  is  to  it?  Well,  yes,  at 
least  as  far  as  the  GET  method  is  con¬ 
cerned,  but  that’s  not  all.  There’s  also 
the  POST  method,  which,  needless  to 
say,  operates  in  quite  a  different  man¬ 
ner  and  which  we  ll  have  the  pleasure 
of  disemboweling  next  week. 

GET  your  arguments  and  opin¬ 
ions  to  gh@gibbs.com 


Help  Desk,  a 
reader  asks  Editor  Ron  Nutter 
about  synchronizing  time  on 
his  network.  He  has  an  HP-UX 
10.2  server  that  he’d  like  to 
hook  by  modem  to  the 
National  Institute  of  Tech¬ 
nology  and  Standards  to  set 
the  time.  But  the  rest  of  his  net¬ 
work  is  Windows  NT  4.0.  Can 
he  use  TimeServ  in  NT  to 
query  the  HP-UX  server?  And 
which  would  be  better  to  sync 
up  die  net  —  a  dial-up  or  a 
Net  connection?  Find  out 


ews,  tips  and 
tools  from  our 
Web  site 

what  Nutter  suggests. 
DocFinder:  6330 

Whom  do  you  trust? 

Paul  Hoffman,  director  of 
the  Internet  Mail  Consortium, 
tells  us  in  this  week’s  “In  the 
Works”  column  that  S/MIME  is 
avoided  because  of  trust. 
“When  you  start  using  public 
key  cryptography,  you  have  to 
buy  into  a  public  key  infra- 
structure.To  do  that,  you  must 
trust  someone  to  create  cer¬ 
tificates  that  you  can  use  to 
encrypt  mail.  Technically,  this 


is  easy;  in  practice,  it  is  very 
difficult  because  we  don’t 
know  whom  to  trust,”  he  says. 
What  will  it  take  to  pull 
S/MIME  out  of  the  basement? 

DocFinder:  633 1 

Bargaining  chips 

Sitting  down  to  negotiate  a 
salary  increase  or  job  offer  can 
be  daunting.That’s  why  Career 
Doctor  Shaun  Kelly  offers  11 
tips  for  getting  what  you  want 
at  the  bargaining  table.  “Em¬ 
ployment  negotiations  are  dif¬ 
ferent  from  other  types  of  ne¬ 
gotiations,”  he  says.  “When  the 
negotiations  are  over,  you  will 
have  to  work  with  your  for¬ 
mer  ‘adversary’  on  a  daily 
basis;  more  importantly,  your 
career  success  may  depend  on 
the  person  with  whom  you 
have  just  finished  negotiating.” 
Chime  in  with  your  own  tips. 

DocFinder:  6332 


Y2K:  Over  and  out? 

Columnist  Fred  McClimans 
says  we  haven’t  seen  the  last 


_ 


of  the  millennium  bug.  But  as 
the  panic  attack  dwindles  and 
firms  start  peering  at  their 
empty  IS  wallets,  who  will  suf¬ 
fer  the  wrath?  Tell  us  what 
you  think. 

DocFinder:  6333 


Power  shifts 

If  you  read  last  week’s 
Power  Issue,  you  got  a  good 
helping  of  who’s  on  top  and 
who’s  not.  But  as  you  well 
know,  things  can  change 
based  on  which  technologies 
grab  the  spotlight.  Readers 
say  one  power  shift  could 
happen  based  on  whether 
companies  forge  ahead  with 
e-mail  filtering  or  if  they  back 
off  and  trust  their  employees. 
What  challenges  do  you  see 
on  the  horizon? 

DocFinder:  6334 


Used  gear 


Auctions  are  taking  hold  in 
the  networking  industry  and 
they  are  offering  IS  managers 
ance  to  get  gear  cheap. 


Have  you  bought  second¬ 
hand  gear  online?  And  if  so, 
how  has  it  worked? 

One  reader  says  it  helped 
him  get  up  to  speed  quickly 
and  inexpensively.  “I  pur¬ 
chased  three  used  Cisco 
2501  routers,  which  did  won¬ 
ders  for  my  various  certifica¬ 
tion  exams.  Most  importantly, 
[they  have]  helped  get  me 
ready  to  face  customer’s  net¬ 
working  problems  by  simu¬ 
lating  the  environment 
beforehand,”  he  says.  What  do 
you  think? 

DocFinder:  6335 


3G  Network  World  January  1  0,  2000  www.nwfusion.com 


■%/aM 


In  today's  Internet  economy,  success  depends  on  the  quality  of  your 
Internet  infrastructure.  Globix  Internet  Data  Centers  and  high-speed  network 
are  engineered  to  deliver  all  of  the  reliable  power,  performance  and  physical 
security  you  need  and  much  more. 

At  Globix,  you’ll  have  confidence  that  your  Internet  business  is  protected 
and  secure  at  all  times.  Security  begins  with  professional  guards  on  site 
24  x  7  x  365.  ID  key  cards,  biometric  scanners,  and  closed-circuit  cameras 
control  access  and  monitor  restricted  areas.  There  are  no  master  keys  to  our 


reinforced  steel  cabinets  and  cages.  And  for  complete  environmental 
protection,  FM200  dry  fire-suppression  systems  and  fully  redundant  Liebert 
climate  control  systems  are  standard. 

Industrial  strength  security  engineering  is  just  one  of  the  many  Globix 
advantages.  So,  before  you  invite  millions  of  customers  to  your  e-business,  or 
launch  your  mission-critical  Internet  applications,  call  us  for  a  free 
consultation.  Or,  arrange  a  tour  of  one  of  our  state-of-the-art  Internet  Data 
Centers  and  see  the  Globix  difference  for  yourself! 


The  Global  Internet  Exchange 


1-877-7-6  LOBIX,  ext.1402  •  www.globix.com 


Co-Location  •  Web  Hosting 


•  Dedicated  Access  •  Streaming  Media  •  E-Commerce  •  Internet  Security/VPNs 


“Globix"  and  the  stylized  “G"  logo  are  trademarks  of  Globix  Corporation.  ©  Copyright  1999  Globix  Corporation.  All  Rights  Reserved.  NASDAQ:  GBIX 
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Editorial 

Hats  off  to  the  Y2K 

warriors 

By  now  you  are  sick  of  reading  about 
how  Y2K  was,  in  the  words  of  the 
popular  media,  a  non-event. 

Of  course  it  was.  But  what  John  Q. 
Public  doesn’t  realize  is  how  much  of  your 
sweat  and  blood  went  into  ensuring  it  was  a 
non-event. 

In  fact,  even  as  we  gladly 
begin  to  put  it  all  behind  us, 
the  world  seems  to  feel  kind 
of  gypped.  After  all,  there  is 
nothing  like  a  pending  disas¬ 
ter  to  bring  people  together. 

It’s  the  basic  storm  mental¬ 
ity.  People  are  downright  con¬ 
genial  when  they’re  socking 
away  provisions  for  a  coming 
blow.  Chatter  in  supermarkets 
increases  and  neighbors  sud¬ 
denly  have  something  to  say  to  people  they 
don’t  otherwise  talk  to. 

Y2K  was  even  better  conversation  material 
because  it  lasted  for  more  than  a  year  and  it 
wasn’t  regional. You  could  talkY2K  to  com¬ 
plete  strangers  almost  regardless  of  location  or 
vocation.  Case  in  point:  I  was  making  a  Christ¬ 
mas  visit  to  the  98-year-old  woman  whose 
house  I  bought  a  few  years  ago,  and  when  I 
went  to  leave  she  asked  if  I  w  ould  mind  fixing 
her  flashlights  “in  preparation  forY2K." 

But  after  the  big  buildup,  all  the  public  had 
to  satisfy  its  hunger  for  disaster  was  a  few 
wafer-thin  glitches.  For  example,  the  Bureau  of 
Alcohol, Tobacco  and  Firearms  had  to  shut 
down  its  Firearms  Licensing  System  when  it 
couldn’t  read  the  date  on  applications. 

John  Koskinen,  chairman  of  the  President's 
Council  on  Year  2000  Conversion,  last  Monday 
reported  that  he  had  spoken  to  36  state  gov¬ 
ernment  Y2K  coordinators,  of  which  18  had 
no  glitches  to  report. The  other  18  had  only 
minor  problems. 

More  interesting,  Koskinen  said  one  state 
had  replaced  three  non-mission-critical  sys¬ 
tems  “related  to  correspondence  and  message 
tracking,”  but  left  the  old  systems  running.  All 
three  failed  at  the  appointed  hour. 

Unfortunately,  not  enough  of  that  kind  of 
information  will  circulate  to  validate  your  hard 
work.  The  industry  so  thoroughly  eradicated 
the  bugs  that  the  public  was  left  thinking  the 
whole  thing  was  overblown. 

So  be  it. 

What  is  annoying,  however,  are  the  doom- 
sayers  who  won’t  let  it  go.  They’re  already  out 
there  wagging  their  lingers  and  shouting  that 
we  haven’t  seen  the  last  ofY2K  yet.They’re 
probably  right,  but  only  to  some  small  degree. 
For  the  moment,  let’s  revel  in  our  success. 

—  John  Dix 
jdix@nww.com 


|  Message  Queue 

Better  red  than  dead 

Regarding  the  news  brief  “NT  4.0  passes 
security  muster”  (Dec.  13,  1999,  page  6): 

It  is  very  misleading  to  portray  NT  as  having 
the  C2-level  security  rating  without  telling  read¬ 
ers  the  whole  story.  NT  4.X  has  obtained  orange 
book  C2-level  certification,  which  does  not 
include  having  a  network  interface  card  installed. 

So  the  certification  is  for  stand-alone  systems 
only,  which  means  it  isn’t  much  good  for  most  users. 

If  a  company  wants  its  entire  network  certified,  it 
will  have  to  select  a  network  operating  system 
from  the  red  book  class,  such  as  NetWare  or  a  cou¬ 
ple  of  Unix  variations  that  meet  these  criteria. 

David  Maurice 
NetWare  and  NT  administrator 
San  Antonio,  Texas 

Unnecessary  migration 

With  his  column  “The  implosion  of  token  ring” 
(Dec.  13,  1999,  page  26),  Kevin  Tolly  does  the  mil¬ 
lions  of  token-ring  users  a  grave  disservice. Tolly  is 
advising  tens  of  thousands  of  companies  —  mostly 
small  and  midsize  enterprises  —  to  begin  the  “mas¬ 
sive  migration”  and  “forced  march”  to  Ethernet. 

This  point  of  view  is  decidedly  not  in  the  best 
interests  of  these  customers.  Companies  have  sub¬ 
stantial  investments  in  their  token-ring  networks  and 
are  generally  not  willing  to  discard  them,  recable 
their  facilities,  install  an  all-new  infrastructure,  retrain 
their  staffs  and  incur  all  the  other  costs  associated 
with  such  a  massive  migration  without  a  clear,  com¬ 
pelling  return  on  that  in  vestment.  Tolly  does  not  pro¬ 
vide  —  nor  has  anyone  provided  —  that  clear,  com¬ 
pelling  return. 

Switching  and  100M  bit/sec  token  ring  represent 
an  ideal  way  for  customers  to  extend  their  invest¬ 
ment  in  token  ring  into  the  Internet  age.  As  a  compa¬ 
ny’s  applications  demand  higher  bandwidth  to  the 
desktop,  100M  bit/sec  network  interface  cards  and 
switches  represent  a  complete  solution  at  a  low, 
incremental  cost.The  superior  quality  of  service  of 
token-ring  networks  over  Ethernet  networks  is  well- 
documented,  and  token  ring  is  ideal  for  deploying  the 


emerging  Internet-based  applications,  from 
hosted  productivity  applications  to  IP  telephony. 

Michael  Jackman 
General  Manager  — Americas 
Madge,  con  nect 
San  Jose 


Take  a  SIP 


It  was  good  to  finally  see  an  article  on  Internet 
standards-based  telephony,  such  as  Session  Initiali¬ 
zation  Protocol  (SIP)  (“New  protocol  connects 
voice  over  IP,”  Dec.  13,  1999,  page  51).  However,  the 
author  failed  to  mention  the  main  reason  why  engi¬ 
neers  from  service  providers  and  numerous  ven¬ 
dors  have  submitted  a  flood  of  Internet  drafts  to 
the  IETF:  the  potential  for  new  services  based  on 
SIP’s  HTTP-like  architecture  and  integration  of 
voice  with  Web  services. 

Statements  such  as  “  [SIP  is]  not  any  better  or  worse 
[than  H. 323],  just  different”  gloss  over  real  reasons 
why  service  providers,  hardly  a  negligible  segment  of 
the  market,  are  implementing  SIR  Maybe  a  follow-up 
article  on  SIP-based  services  would  do  better. 

Henry  Sinnreich 
Richardson,  Texas 


America  first 


I  find  it  ironic  that  your  HI -B  article  was  titled 
“Using  your  visa  card”  (Dec.  13, 1999,  page  69).This 
“buy  now,  pay  later”  mentality  is  an  unfortunate  mind¬ 
set  among  many  high-tech  companies  in  America 
today.  Rather  than  investing  in  re-education  and  train¬ 
ing  of  American  citizens,  these  companies  take  the 
easy  way  out  by  importing  foreign  nationals.  Also,  I 
have  read  disturbing  reports  of  age  discrimination  in 
the  high-tech  industry,  which  only  fuel  to  the  fire. 

The  AEA,  IEEE-USA,AFL-CIO  and  others  have 
rightly  opposed  using  mass  immigration  to  solve  the 
imagined  high-tech  worker  shortage,  and  fortunate¬ 
ly,  legislation  to  double  the  current  cap  (65,000)  on 
Hl-B  visas  has  been  defeated  in  Congress. 

I  would  encourage  everyone  to  visit  the  Web  site  of 
The  Federation  for  Immigration  Reform  (www. 
fairus.org)  to  learn  more  about  this  important  subject. 

Andre  Caesar 
Portland,  Ore. 


Send  letters  to  nwnews@nww.com  or  John 
Dix,  editor  in  chief,  Network  World,  161 
Worcester  Road,  Framingham,  MA  01701. 
Please  include  phone  number  and  address 
for  verification. 
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Bottom  Line  .  Joel  Snyder 

Reliability:  Something  you  build,  not  buy 


ome  people  might  think  it’s  been  a  bad  cou¬ 
ple  of  months  for  reliability.  MCI  WorldCom 
lost  a  big  chunk  of  its  frame  relay  network  for 
more  than  a  week.  AT&T’s  Internet  service 
was  inaccessible  for  almost  a  full  day.  Critical 
Path’s  e-mail  service  has  kept  some  ISP  cus¬ 
tomers  away  from  their  e-mail  for  hours  at  a  time. 
Sheraton’s  Web  site  got  hacked  and  was  not  taking 
e-reservations  for  more  than  an  e-day  —  that’s 
seven  days  in  normal  time. 

However,  believe  it  or  not,  there  is  a  bright  side  to 
these  outages. They  help  company  decision  makers 
understand  a  basic  and  underlying  design  principle 
of  the  Internet:  Reliability  is  not  part  of  the  basic 
package. 

Before  the  Internet,  most  telecommunications  net¬ 
works  were  designed  and  built  to  be  as  bulletproof 
as  possible. That’s  a  great  design  principle,  but  it  has 
a  drawback:  Ultra-reliable  systems  are  expensive  sys¬ 
tems.  High-reliability  networks  also  tend  to  be  slow 
—  you  get  superhigh  reliability  by  having  elaborate 
procedures  for  change  and  configuration  control, 


administrative  checks  and  balances,  and  big  opera¬ 
tions  staffs  to  watch  over  it  all. 

The  Internet’s  infrastructure  doesn’t  have  that  kind 
of  control.  It’s  fast  moving,  and  it’s  a  99%  solution, 
meaning  99%  of  the  time,  it  works  incredibly  well. 
And,  as  we’ve  all  discovered,  it’s  dirt  cheap. The  last 
X.25  line  I  ever  bought  cost  $1,400  per  month  and  a 
nickel  for  every  packet,  at  9.6K  bit/sec.  Now,  I  can  get 
a  digital  subscriber  line  for  $60,  run  at  256K  bit/sec 
and  no  one  is  counting  packets.  Amazingly  cheap. 

But  these  incredibly  low  costs  come  with  trade¬ 
offs,  including  reduced  reliability. The  problem  is 
that  some  businesses  see  the  lower  costs  but  don’t 
understand  that  they’re  giving  up  something  when 
they  save  that  kind  of  money.  They  think  that  if 
they’re  giving  AT&T  $19. 95  per  month  for  Internet 
access  that  they  have  a  reasonable  expectation  it 
will  work,  all  the  time,  flawlessly.  Oh,  and  no  busy 
signals,  either. 

That’s  why  I  like  to  see  a  couple  of  high-profile 
outages  now  and  then.  It  reminds  people  that  the 
Internet  is  not  100%  reliable.  As  more  and  more  busi¬ 


nesses  come  to  depend  on  the  Internet  for  business- 
critical  communications,  they  need  an  occasional 
reminder  of  what  they’re  paying  for  —  and  what 
they’re  really  getting. 

The  solution  is  not  to  throw  money  at  the  prob¬ 
lem.  Buying  Internet  service  from  AT&T,  as  we  have 
learned,  is  not  necessarily  getting  you  anything  bet¬ 
ter  than  you  could  get  from  Joe’s  Bar  &  Internet.  In 
fact,  the  MCI  WorldCom  and  AT&T  outages  have 
shown  very  clearly  that  big-name  companies  have 
no  edge  when  it  comes  to  keeping  their  networks 
running. 

In  the  Internet  era,  reliability  is  becoming  some¬ 
thing  you  have  to  build,  not  something  you  buy. 
That’s  hard  work,  and  it  requires  intelligence,  skills 
and  budget. You  have  your  choice.  Are  you  a  99% 
company,  or  are  you  a  100%  company? 

Snyder,  a  Network  World  Test  Alliance  partner,  is 
a  senior  partner  at  Opus  One,  a  consultancy  in 
Tucson,  Ariz.  He  can  be  reached  at  Joel.Snyder@ 
opusl.com. 


Speaking  the  LANguage  .  Linda  Musthaler 

In  E-COMM,  customer  service  should  be  fundamental 


International  Data  Corp.  has  dubbed  1999  the 
watershed  year  between  “the  age  of  e-com- 
merce  pioneers”  and  “the  age  of  diffusion  and 
competition.” 

Most  large  companies  with  a  product  or  ser¬ 
vice  to  sell  have  already  deployed  a  business-to- 
consumerWeb  site. 

But  merely  having  a  sales  presence  on  the  Web 
is  no  longer  a  differentiator.  A  good  e-tailer  needs 

other  attributes  to  differen¬ 
tiate  itself  from  its  compe¬ 
tition,  such  as  product, 
price,  a  gimmick,  or  just 
good,  old-fashioned  cus¬ 
tomer  service. 

As  we  get  more  comfort¬ 
able  with  online  shopping, 
however,  our  willingness  to 
overlook  technical  glitches 
or  other  bad  experiences  diminishes. 

We  get  to  the  point  where  one  negative  ex¬ 
perience  will  make  us  avoid  that  company’s  Web 
site  for  good.  In  fact,  one  such  instance  left  me 
with  such  a  bad  impression  that  not  only  am  I 
hesitant  to  visit  the  company’s  Web  site  again, 

I’m  inclined  to  walk  past  the  brick-and-mortar 
storefront  as  well. 

On  Nov.  11,1  placed  an  order  with  a  well-known 
toy  e-tailer.  Just  placing  my  order  was  a  real  feat.  I 
tried  for  several  hours  to  get  into  the  Web  site,  only 
to  be  told  that  its  servers  were  overwhelmed  due 
to  demand. 

When  I  finally  got  to  the  site,  I  selected  two 
items  I  wanted  and  noted  that  both  were  in  stock.  I 
put  them  in  my  shopping  cart,  went  through  the 


cumbersome  checkout  process  and  received  an 
electronic  notification  that  my  order  was  received 
and  being  processed.  I  expected  delivery  of  my 
purchases  within  a  week  to  10  days,  as  I  did  not 
request  special  delivery. 

Two  weeks  went  by,  and  I  received  nothing  and 
heard  nothing  from  the  e-tailer.  I  went  back  online 
to  check  my  order  status  and  saw  that  it  was  still 
“in  process.” Another  week  passed  and  no  progress 
was  made. 

Finally,  on  Dec.  5, 1  received  an  e-mail  saying  my 
order  would  be  shipped  within  five  to  seven  busi¬ 
ness  days.  “Sorry  for  the  delay,”  the  e-mail  said,  “but 
we’ve  had  big  demand  for  our  products  this  sea¬ 
son.  Here’s  an  e-coupon  good  for  $10  off  your  next 
online  purchase.” 

Meanwhile,  I  anticipated  that  I  would  soon 
receive  the  two  items  I  had  ordered.  Imagine  my 
surprise  when,  three  days  later,  a  box  arrived  with 
just  one  item  in  it.  A  note  inside  said  the  other  item 
was  out  of  stock,  so  they  cancelled  my  order  for  it, 
without  even  asking  me  if  that  was  OK. 

This  kind  of  behavior  might  have  been  accept¬ 
able  during  the  pioneering  age  of  e-commerce,  but 
it  is  definitely  not  acceptable  in  the  age  of  online 
competition. 

What  bothers  me  most  is  that  I  was  not  kept 
informed  of  the  progress  or  problems  in  fulfilling 
my  order,  which  would  have  been  so  easy  to  do  via 
e-mail. 

This  brings  me  to  my  Fundamentals  of  Customer 
Service  for  Online  Shopping  —  or,  more  broadly, 
e-commerce  in  general: 

•  Keep  the  customer  informed  and  involved.  I 
would  have  been  less  angry  if  this  toy  company  had 


kept  me  informed  of  the  progress  of  my  order. 
When  it  was  discovered  that  an  item  was  out  of 
stock,  why  wasn’t  I  informed,  and  why  didn’t  the 
company  offer  to  send  it  later?  I  probably  would 
have  accepted  a  backorder  slip.  Instead  the  com¬ 
pany  simply  cancelled  my  order  and  lost  a  sale  — 
and,  quite  likely,  a  customer. 

•  Don’t  make  promises  you  can’t  keep. Telling  me 
that  an  item  was  in  stock  when  I  placed  the  order 
was  an  implied  promise.  Making  a  promise  you  can’t 
keep  leads  to  disappointed  customers. 

•  Anticipate  demand,  and  then  multiply  that  by 
10.  This  company  was  clearly  unprepared  for  the 
demand  its  nationwide  advertising  campaign  gener¬ 
ated.  There  are  two  issues  here.  On  the  technical 
side,  the  servers  and  software  couldn’t  handle  the 
access  demands.  On  the  logistical  side,  the  com¬ 
pany’s  order  fulfillment  system  couldn’t  process 
orders  fast  enough.  If  this  company  wants  to 
play  in  the  big  leagues,  both  issues  must  be 
addressed  quickly. 

•  Follow  up  to  make  sure  the  customer  is  truly 
satisfied.  Despite  the  $10  e-coupon,  I’m  not  going  to 
visit  that  shopping  site  anytime  soon.  This  experi¬ 
ence  reminded  me  that  toy  e-tailers  are  a  dime  a 
dozen  on  the  Internet,  and  I’ll  keep  looking  until  I 
find  one  with  superior  customer  service. 

Companies  that  want  e-commerce  success  need 
to  remember  that  online  shoppers  have  endless 
choices. The  winner  will  be  the  e-tailer  that  puts 
customer  service  first. 

Musthaler  is  vice  president  of  Currid  &  Company, 
a  technology  consulting  firm  in  Houston.  She  can 
be  reached  at  linda@curnd.com. 
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DIARY  OF  A 
HACK  ATTACK 


BY  DEBORAH  RADCLIFF 


n  a  crisp,  sunny 
November  day  in  the 
nation's  capital,  in  the 
sparsely  furnished  sec¬ 
ond-floor  office  of  Para- 
Protect,“Bob  the  hacker” 
hunches  over  his  moni¬ 
tor  and  fires  off  Unix 
command  lines  in  short, 
machine  gun  blasts. 

Bob  is  testing  the 
perimeter  defenses  of  a  certified 
Internet  mail  delivery  company, 
which  is  paying  for  the  privilege. 

The  start-up  e-business  doesn’t 
have  the  budget  to  pay  for  a  full¬ 
blown  assault  on  its  network,  which 
would  involve  Bob  actually  taking 
down  the  company’s  servers.And 
besides,  it  can’t  afford  to  have  its 
e-business  servers  down  for  any 
length  of  time.  But  it  has  hired  Para- 
Protect,  an  information  security  con¬ 
sulting  company  in  Alexandria,  Va., 
to  conduct  a  scouting  expedition. 

And  they’ve  agreed  to  allow  me  to 
tag  along  on  the  mission,  code- 
named  Alabama,  as  long  as  I  keep 
Bob's  identity  and  the  name  of  the 
e-business  secret. 

These  paid-for  front-line  assaults 
are  a  good  starting  point  for  network 
protection  because  the  tests  (often 
referred  to  as  “red  teaming”  or  “pene¬ 
tration  tests”)  can  offer  a  baseline  for 
information  security  policies  and 
practices,  industry  professionals  say. 

With  networked  systems  under 
attack  from  every  direction  —  the 
Internet,  modems  and  even  dis¬ 
gruntled  employees  —  the  need  for  such  services  is 
on  the  rise.  By  2003,  the  security  consulting  services 
market  will  likely  reach  $14.83  billion,  according  to 
market  research  firm  International  Data  Corp. 

Venture-funded  e-business  start-ups  such  as  Para- 
Protect’s  client  are  especially  vulnerable  to  attack. 
Because  of  the  intense  pressure  to  get  to  market 
quickly,  these  start-ups  are  often  building  their  infra¬ 
structures  too  fast  to  give  security  the  thought  it 
deserves,  information  security  practitioners  say. 

We  have  worked  with  companies  that  don’t  have  a 
firewall.  Most  often,  they  are  small  start-ups  that  just 
got  their  venture  money  and  have  hired  50  people. 


We  go  behind  the  scenes  as  a  hacker  for  hire 
tests  an  e-business's  security  perimeter. 


Then  they  get  hacked,  and  they  realize  they’re  sud¬ 
denly  more  of  a  target  than  they  used  to  be,”  says  Ian 
Poynter,  founding  president  of  security  consulting  firm 
Jerboa  in  Cambridge,  Mass. 

In  our  case,  the  e-business  start-up’s  only  line  of 
defense  is  a  Cisco  8000  router.  If  the  router  can 
deflect  our  probes,  the  company  can  use  the  support¬ 
ing  documentation  from  our  report  to  show  its  cus¬ 
tomers  that  its  public-key  infrastructure  (PKI)-based 
application  is  secure. 

But  the  folks  at  Para-Protect  are  skeptical.  “We  dis¬ 
agree  that  the  company  doesn’t  need  a  firewall.You 
don’t  protect  your  perimeter  using  just  a  router  even 


if  they  are  smarter  [than  they 
used  to  be].  Firewalls  offer  more 
filtering  methods,  and  you  need 
multitier  security  levels,”  says 
Robert  Perholtz,  enterprise 
account  manager  at  Para-Protect. 

The  battle  lines  drawn,  the 
attack  begins. 


08:00 

The  bargain-basement  desks 
and  folding  tables  are  a  dead  give¬ 
away  that  Para-Protect’s  second- 
floor  lab  has  been  tossed  together 
in  a  hurry.  A  fidgety  Bob  is  already 
on  his  second  Pepsi  of  the  day. 
With  his  dark  brown  hair  slung 
back  in  a  long,  messy  ponytail  and 
his  beard  growing  to  his  waist, 
Bob  fits  the  physical  profile  of  the 
stereotypical  subversive  hacker. 

But  don’t  let  his  looks  fool 
you.  Bob  is  a  former  U.S.Army 
sergeant  and  computer  analyst 
for  the  Army,  the  Pentagon,  and 
the  Defense-Wide  Information 
Systems  Agency,  which  supports 
all  of  the  U.S.  Department  of 
Defense.  His  last  assignment  was 
with  the  Defense  Department’s 
Computer  Emergency  Response 
Team  (CERT).To  hear  Perholtz 
tell  it,  hacker  Bob  got  out  of  the 
Defense  Department  and  hasn’t 
cut  his  hair  or  beard  since. 

Bob  tells  me  that  the  first  order 
*  of  business  is  to  learn  more  about 
I  our  target.  We  start  by  paying  a 
|  visit  to  the  victim’s  Web  page, 

I  replete  with  information  about  its 
ethics,  partners  and  history. 

“During  discovery,  we’re  look¬ 
ing  for  partner  affiliates  to  find  corporate  links  to  the 
network, ”  Perholtz  says. “Often,  fringe  organizations 
aren’t  as  secure  as  the  main  network.” 

We  find  nothing  that  stands  out.  So  we  go  to  the 
InterNIC  and  ARIN  registrars  (services  that  assign  and 
record  domain  information)  and  key  in  a  “ whois”  com¬ 
mand.  It  spits  out  the  domain  name  of  our  client  and 
verifies  the  IP  addresses  we’re  about  to  attack. 

Not  only  do  these  services  give  us  the  IP  addresses 
of  the  target’s  three  servers,  they  also  give  away  other 
strategic  information,  such  as  company  nicknames,  and 
even  the  names  and  phone  numbers  of  those  adminis¬ 
tering  the  machines. 
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With  the  information  provided  by  these  services,  we 
can  get  an  overall  picture  of  our  target's  network  con¬ 
figuration,  Bob  says.  At  this  point,  were  only  looking  to 
verify  the  domain  information  of  our  intended  target. 

It  would  be  a  real  bummer  if  we  hit  the  wrong  victim. 

09:36 

The  next  step  is  to  run  traceroute  against  our  three 
target  IP  addresses.Traceroute  is  a  utility  within  Unix 
and  Windows  NT  used  by  administrators  to  trace  pack¬ 
ets  traveling  between  a  source  and  destination.  In  our 
case,  traceroute  shows  us  that  the  router  is  blocking  our 
packets,  so  we  deduce  that  the  router  is  doing  its  job. 

But  we  were  able  to  trace  outgoing  traffic  to  a  spe¬ 
cific  port  number,  which  our  victim  uses  to  connect  to 
its  ISP,  UUNET.  Bob  makes  note  of  this  in  his  log. 

It’s  time  to  grab  some  hacker  tools.Although  Para- 
Protect  keeps  a  database  full  of  its  favorite  tools, 
Perholtz  runs  a  Web  search  on  “hacker  tools”  to  show 
just  how  available  these  are  to  anyone.  Our  search 
turns  up  2,070  hits,  including  tools  such  as  the 
Shadow  Advantis  Administrator  tool  set,  which  sends 
timed  pings  to  a  specified  range  of  ports.The  pings  are 
slow  enough  and  small  enough  to  fall  beneath  the 
radar  of  intrusion-detection  software. 

Hacker  Bob  prefers  network  mapping  (nmap), 
which  does  much  the  same  thing.  Nmap,  also  available 
from  the  Web,  is  an  DP  network  discovery  tool  devel¬ 
oped  by  a  hacker  named  Fydor.  But  really,  it’s  a  port 
scanner  on  steroids.  In  addition  to  finding  open  ports, 
it  can  change  the  characteristics  of  outgoing  packets 
to  get  past  the  router’s  IP  filtering  list. 

Throughout  the  day,  Bob  will  run  several  types  of 
nmap  scans:  (For  more  technical  detail,  visit  www. 
insecure.org/nmap.) 

•  SYN,  used  to  establish  a  TCP  session.  When  the  tar¬ 
get  responds  back,  we  know  the  host  is  active.  When  it 
doesn’t  respond  to  ping,  we  know  the  host  is  blocked. 

•  FIN,  which  uses  a  bare  packet  as  the  probe  to 
determine  if  a  port  is  open  or  closed.  From  this  we 
could  guess  what  well-known  services  may  be  run¬ 
ning  based  on  what  the  open  ports  are  generally 
used  for.  Even  if  the  port  is  closed,  it’s  required  to 
respond  with  a  reset  packet  (RST). 

If  a  RST  bounces  back,  the  port  is 
closed.  If  nothing  is  returned,  it 
means  the  port  is  open. 

•  Fragmentation  scanning.  When 
a  packet  reaches  a  host,  the  target 
has  to  reassemble  the  packet  in 
order  to  make  sense  of  it. 

Fragmented  packets  confuse  these 
machines  and  can  potentially  bypass 
access  controls. 

Our  first  nmap  scan  in  SYN  is  ter¬ 
minated  because  Bob  misconfigures 
the  command  line,  which  he  discov¬ 
ers  later  in  the  day.  Bob  gets  another 
Pepsi  from  the  fridge  down  the  hall. 

Then  he  pays  a  visit  to  UUNET 
and  uses  the  subcommand 
“nslookup”  to  ask  UUNET’s  Domain 
Name  System  (DNS)  to  tell  us  which 
machines  it  knows  from  our  target 
network.  UUNET  gives  us  three  domain  names  that 
come  from  our  victim:“mail,”“www”and  another 
name  Bob  doesn’t  want  mentioned  because  it  would 
give  away  our  target. 

There  are  probably  a  number  of  other  machines 
connected  to  the  network,  but  Bob  says  they’re  out¬ 
side  the  scope  of  our  investigation.  However,  the  DNS 
server  does  point  out  which  of  our  IP  addresses  is  our 
target  Web  server.  We  already  know  which  machine  is 
the  router.  So  we  make  an  educated  guess  that  our 


Hack  attack  game  plan 

Most  security  experts  use  the  same  four-step 
methodology  when  conducting  an  attack  and 
penetration  test: 

Phase  One 

•  Scope  the  target  (find  subsidiaries,  IP  addresses,  types  of 
machines). 

Phase  Two 

•  Scan  the  target  for  vulnerabilities  (ping  ports  and  look  for 
services  running  off  those  ports). 

Phase  Three 

•  Exploit  vulnerabilities  (break  in  through  vulnerable  services, 
copy  password  files,  crack  them,  etc.). 

Phase  Four 

•  Attack  the  target  to  disrupt  service  and  bring  down  vital  boxes. 

The  e-business  in  this  story  chose  to  limit  the  attack  to  Phases 
One  and  Two  because  of  the  cost  and  the  fact  that  it  didn't  want 
its  network  taken  down. 

third  IP  address  is  our  target’s  PKI/proxy  server. 

We’ve  now  diagrammed  the  network.  A  router  sits 
as  sentry  to  a  Web  server,  a  proxy  server  and  another 
server,  likely  the  mail  server.  It’s  time  to  find  out  what 
services  are  running  on  those  servers.Attackers  often 
look  for  services  with  known  vulnerabilities  and 
exploit  those  first. 

Veiling  his  identity  through  a  local  ISP,  Bob  telnets  to 
Port  80.  We  knew  Port  80  would  be  open  99%  of  the 
time  because  network  administrators  leave  Port  80 
open  for  Web  traffic.Telneting  into  Port  80  shows  us 
what  is  running  on  the  HTTP  server:  Microsoft’s 
Internet  Information  Server  4.0,  which  is  a  dead  give¬ 
away  that  the  operating  system  is  NT. 

Then  the  phone  rings.The  client  is  getting  access 
control  list  warning  messages  on  its  router  from  Bob’s 
and  his  ISP’s  IP  addresses. The  administrators  just  want 
to  make  sure  it’s  us  and  not  some  other  hacker.  Bob 
assures  them  it  is. 

Now  that  the  victim  knows  we’re  rattling  its  doors, 
Bob  forgoes  the  low  and  slow  port  scanning  method, 
which  would  have  taken  days. 
Instead  he  launches  a  second  nmap 
FIN  scan  against  the  entire  range  of 
ports  (1  through  65334). 

“This  makes  a  lot  of  noise,”  Bob 
says  as  he  swigs  his  Pepsi.  “But  nor¬ 
mally  it  would  take  days  to  do  this 
beneath  the  radar  of  intrusion 
detection.  We  have  a  two-day  time 
constraint,  so  we  have  to  do  every¬ 
thing  now.” 

The  scan  turns  up  nothing  spe¬ 
cial.  Only  the  ordinary  services, 
such  as  FTP  and  HTTP,  are  run¬ 
ning,  meaning  we’re  looking  at  a 
plain  vanilla  box.  However,  if  con¬ 
figured  wrong,  FTP  (or  any  stan¬ 
dard  service)  could  be  exploited 
by  hackers. 

12:30 

It’s  time  for  a  break,  so  we  head  next  door  to  the 
Vietnamese  grill  for  a  bite  to  eat.  Bob’s  telling  me 
how  his  next  step  would  be  to  find  vulnerabilities  in 
the  network,  the  operating  systems  and  the  applica¬ 
tions  running  on  the  servers.  But  that’s  outside  the 
scope  of  this  job. 

Once  discovery  is  completed,  you’d  be  surprised  just 
how  easy  it  is  to  break  into  an  NT  or  Unix  machine. 

At  an  extreme  hacking  course  at  Ernst  and  Young  in 
Houston  that  I  attended  over  the  summer,  the  class 
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broke  into  NT  and  Unix  machines  with  reckless  aban¬ 
don.  For  example,  we  started  in  on  an  NT  machine  by 
establishing  a  null  session.  Null  is  a  Microsoft  utility 
that  allows  services  to  communicate  with  one  another 
without  user  passwords  or  identification.  By  logging 
on  as  null,  we  were  able  to  see  everything  we  wanted: 
password  files,  user  accounts  and  network  services 
that  we  could  exploit.  And  none  of  this  was  logged. 

In  null,  we  couldn’t  touch  anything,  but  that  didn’t 
stop  us  from  copying  down  user  names.Then  we 
logged  back  on  under  the  user  name  “backup”  and  a 
guessed  password  “backup  "At  this  point,  we  grabbed 
the  password  hashes  (encoded  passwords)  and  sub¬ 
mitted  them  to  lOphtcrack  and  John  the  Ripper,  both 
of  which  are  password-cracking  tools  freely  available 
on  the  Web. 

It  only  took  1 5  minutes  to  crack  70%  of  the  pass¬ 
words,  log  on  as  a  super  user  and  gain  root  access. 
Then,  for  the  final  slap  in  the  face,  we  hid  our  bag  of 
hacker  tools  behind  a  readme.txt  file  on  the  victim’s 
server  to  use  again. 

NT  passwords  are  the  easiest  to  crack,  according  to 
my  Ernst  and  Young  instructor,  Eric  Shultz.That’s 
because  Microsoft’s  LAN  Manager  splits  passwords  into 
seven-character  halves  and  uses  a  known  constant  to 
encrypt  each  half.  Cracking  tools  are  programmed  for 
this  and  can  thus  decrypt  the  passwords  very  quickly. 
And  the  only  way  administrators  can  catch  our  bag  of 
hacker  tools  hidden  on  the  network  is  to  set  the  log  files 
to  alert  them  when  disk  space  changes  significantly. 

Although  we  used  different  command  lines  and 
Unix-based  tools,  gaining  root  on  Unix  during  the  class 
was  also  pretty  easy.  In  fact,  we  leapfrogged  through 
four  networked  Unix  machines  in  a  game  of  capture 
the  flag.  We  also  had  a  little  fun  corrupting  the  DNS 
server  to  reroute  traffic  to  a  phony  IP  address.Then  we 
installed  Trojan  horses  such  as  Back  Orifice  so  the 
machine  would  do  our  bidding  and  punched  open 
back  doors  so  we  could  telnet  back  in  without  the 
need  for  IDs  or  passwords. 

The  Para-Protect  folks  do  a  fair  amount  of  these 
kinds  of  full-blown  attacks  on  a  network,  as  well.  And 
judging  from  his  body  language,  Bob  the  hacker 
would  really  like  to  conduct  further  investigation 
into  the  vulnerabilities  of  his  target.  But  he’s  fighting 
some  internal  networking  problems  of  his  own  well 
into  the  day. 

Day  2 

In  fact,  the  next  morning  we  run  fragmentation 
scanning  against  the  target  host.  Bob  finds  a  number  of 
open  ports  vulnerable  to  packet  fragment  attacks.  It 
would  also  be  possible  to  modify  an  attack  tool  to  get 
past  the  router,  Bob  says. 

Thus,  Bob’s  report  recommends  the  client  buy  a  fire- 
wall.The  client  would  also  be  wise  to  do  further  test¬ 
ing  on  its  entire  network  infrastructure.  Of  course,  any 
more  work  depends  partially  on  the  client’s  ability  to 
justify  the  expense. 

But  the  client  shouldn’t  count  on  Para-Protect’s 
report  to  scare  funding  out  of  executive  management. 
Rather,  it  should  sell  information  security  to  manage¬ 
ment  in  a  way  that  shows  the  added  security  brings 
value  to  the  business,  says  Gregory  White,  chief  tech¬ 
nology  officer  of  San  Antonio, Texas-based  Secure 
Logix,  while  speaking  at  a  November  Computer 
Security  Institute  conference  in  Washington,  DC. 

“If  you’re  going  to  try  and  justify  expenses  based  on 
risk  analysis  alone,  you're  going  to  have  an  uphill  bat¬ 
tle,’ ’White  explained.  “You  need  to  sell  security  as  a 
business  enabler.” 

Radcliff  is  a  freelance  writer  in  northern 
California.  She  can  he  reached  at  derad@aol.com. 
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hile  there  are  plenty  of  specialized 
network  management  applications 
to  help  identify'  and  frx  problems, 
less  than  a  dozen  of  them  are 
absolutely  essential  for  trouble- 
shooting.These  are  the  tools  you’ll 
use  the  most,  so  make  sure  your 
toolkit  is  equipped  with  these  10 
basic  necessities  for  effective,  effi¬ 
cient  network  management. 

1.  Ping.  Ping  tests  end-to-end  con¬ 
nectivity'  by'  sending  an  Internet  Control  Message  Pro¬ 
tocol  packet  to  see  if  a  node  or  device  is  online  and 
responding.  One  of  the  first  steps  in  troubleshooting  a 
network  is  to  use  the  generic  IP  loopback  address  ‘ping 
127.0.0.1’  to  test  the  local  device. 

You  can  also  use  ping  to  test  the  maximum  transmis¬ 
sion  unit  —  the  maximum  amount  of  data  that  can  be 
carried  in  each  packet  end-to-end.  Moreover,  you  might 
use  ping  to  determine  the  round-trip  time  in  milli¬ 
seconds  to  another  device  on  the  network. 

However,  any  tools  that  generate  a  lot  of  traffic 
through  your  ISP’s  routers  will  probably  trigger  an 
alarm.  If  your  traffic  increases  CPU  usage  or  saturates  a 
link  to  the  Internet,  your  ISP  may  investigate  and  limit 
your  activities. 

2.  Traceroute.  Traceroute  builds  on  the  function¬ 
ality  of  ping  by  evaluating  the  hops  along  a  path  and 
calculating  the  time  it  takes  a  packet  to  travel  from 
one  router  to  the  next. 

For  example,  say  you  ping  a  remote  device  but  it 
takes  a  long  time  to  receive  a  response.To  learn  where 
the  delay  is  occurring,  use  traceroute  to  examine  the 
round-trip  time  to  each  of  the  routers  along  the  path. 

3.  Protocol  analyzer/network  analyzer.  A  proto¬ 
col  analyzer  (sometimes  called  a  network  analyzer)  is 
an  absolute  necessity  for  understanding  what  your  net¬ 
work  is  doing.  Analyzers  capture  all  packets,  or  specific 
packets  defined  in  a  filter,  into  a  trace  buffer.  Tlie  ana¬ 
lyzer  decodes  the  packets  to  give  you  a  readable  defini¬ 
tion  of  the  contents.  Some  more  advanced  analyzers, 
such  as  Network  Associates’  Sniffer  Pro,  can  also  inter- 


Afo  network  professional 
should  be  without  these 
1 0  TCP/IP  troubleshooting 
tools  and  utilities. 


pret  the  communications  patterns  to  provide  alarms 
and  troubleshooting  recommendations. 

AG  Group’s  EtherPeek  is  another  popular  analyzer, 
and  Windows  NT  comes  with  a  no-frills  analyzer  called 
Network  Monitor.  EtherPeek  and  Network  Associates’ 
Sniffer  Basic  cost  less  than  $1,500,  whereas  Sniffer  Pro 
and  other  more  advanced  analyzers  cost  closer  to 
$10,000. 

4.  Port  scanner.  Port  scanning  can  tell  you  what 
services  are  available  on  a  remote  device.The  screen 
shot  (see  graphic)  shows  the  results  of  a  port  scan  to 
10.23.4.99  using  Northwest  Performance  Software’s 
NetScanTools  Pro  2000. 

Just  as  using  ping  could  get  you  into  trouble,  your  ISP 
or  the  targeted  system  may  construe  port  scanning  or 
port  probing  as  a  hostile  action  or  intrusion.  Moreover, 
port  scanning  may  violate  your  ISP  usage  agreement. 

5-  Nslookup/DIG.  Basic  nslookup  utilities  make 
queries  to  Domain  Name  System  (DNS)  servers.  An 
nslookup  query  will  ask  the  default  DNS  server  for 
host  name-to-IP  address  resolutions.  Domain  Internet 
Grouper  (DIG)  is  similar  to  nslookup,  but  provides  a 
more  detailed  reply  from  the  DNS  server.  For  exam¬ 
ple,  a  simple  nslookup  reply  for  www. internal.net 
analysis.org  returns  the  following  information: 
Translated  name.server.netanalysis.com 
IP  address:  10.23.4.99 
Alias:www.intemal.netanalysis.org 
DIG  returns  the  information  above  plus  the  following: 
Name  servers:AUTH00.NS.INT.NET 
IP  address:  10.23.66.1 
AUTH01.NS.INT.NET 
IP  address:  10.23-77.1 

6.  ARP.  Address  Resolution  Protocol  keeps  track  of 
IP  addresses  and  their  corresponding  physical  network 


NetScanTools  Pro  2000  in  action 

Probe  for  specific  transport  types  in  use. - 

Probe  a  single  port  or  a  range  of  ports. - 

Use  an  IP  address  or  host  name  for  the  target. 
Probe  a  range  of  IP  addresses. - 


A  port  scan  shows  that  the  host  1 0.23.4.99 
supports  four  active  ports  —  21  -ftp,  25- 
smtp,  53-domain  and  80-http. 
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addresses.  You  can  read  ARP  tables  to  identify  the  hard¬ 
ware  address  that  is  being  used  to  send  packets. 

7.  Route.  Route  is  a  utility  that  lets  you  read  and 
manipulate  IP  routing  tables  on  a  local  device.The 
tables  determine  the  next  hop  along  a  path  to  a  host 
or  network.These  tables  also  contain  the  default  gate¬ 
way  entry  if  one  exists. 

8.  SNMP  tools.  SNMP  management  tools  provide  a 
way  to  gather  and  display  Management  Information 
Base  (MIB)  data  extracted  from  devices  that  support 
SNMP  agents.You  can  track  SNMP  devices  via  an 
alarming/alerting  system  that  notifies  the  SNMP  man¬ 
ager  when  a  user-defined  threshold  has  been  exceed¬ 
ed.  However,  one  of  the  main  obstacles  to  implement¬ 
ing  an  SNMP  management  system  is  the  lack  of  a  true 
cross-platform  product. 

9.  Cable  tester.  You  need  a  cable  tester  to  pre¬ 
cisely  test  and  troubleshoot  network  wiring.Tools  such 
as  Microtest’  OmniScanner  often  come  configured 
with  an  entire  set  of  tests  to  evaluate  cable  integrity 
and  interference.  Cable  testers  can  report  total  cable 
lengths,  pass/marginal/fail  test  results,  near-end  cross¬ 
talk,  attenuation,  impedance  and  more. 

Some  cable-tester  manufacturers  define  their  tools 
as  network  analyzers.  Although  these  devices  may  pro¬ 
vide  some  information  about  the  packet  types  crossing 
the  wire,  such  as  broadcasts,  they  are  no  substitute  for 
true  network  analyzers  that  display  packet  contents. 

10.  Combination  tools  and  miscellaneous  utili¬ 
ties.  There  are  several  indispensable  combination  trou¬ 
bleshooting  tools,  including  NetScanTools  Pro  2000  and 
the  AG  Group’s  NetTools.  Each  provides  a  group  of  utili¬ 
ties  that  let  you  port  scan,  ping,  trace  route  and  perform 
nslookup,  saving  hours  of  troubleshooting  time.  Of  the 
two,  NetTools  is  less  expensive  and  offers  a  subset  of 
the  tools  included  in  NetScanTools  Pro  2000. 

You  may  also  want  to  consider  other  utilities  that 
provide  basic  configuration  and  connection  informa¬ 
tion,  such  as  Windows  WINIPCFG,  IPCONFIG  and  net- 
stat.An  IP  address  calculator  is  another  handy  tool  to 
have  around,  and  you  may  even  be  able  to  find  a  free¬ 
ware  version  on  the  Internet. 

Having  the  right  tools  makes  the  job  of  troubleshoot¬ 
ing  TCP/IP  networks  less  painful  and  less  mysterious. 

Chappell  is  a  senior  protocol  analyst  with 
Network  Analysis  Institute,  a  network  analysis, 
research  and  training  firm  in  Saratoga,  Calif.  She 
can  be  reached  at  lchappell@  netanalysis.org. 
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What  has  two 

names,  four  slots, 
switches  or  routes 
at  32G  bit/sec,  and 
leaves  most  of  the 
other  Gigabit  Ethernet  switches 
we’ve  tested  in  the  dust? 

Hewlett-Packard  calls  it  the  Pro- 
Curve  Routing  Switch  9304M,  and 
that’s  the  version  we  evaluated.  But 
Foundry  Networks,  which  actually 
makes  the  HP  hardware,  calls  it  the 
Biglron  4000.  Either  way,  with  each 
of  its  four  chassis  slots  filled  with 
eight-port  gigabit  modules,  the 
switch  delivered  maximum  traffic 
loads  on  each  port  and  didn’t  miss  a 
beat  (or  a  bit). 

We  first  tested  Layer  2  media 
access  control  (MAC)  switching  with 
static  streams.  That’s  where  all  of 
port  l’s  traffic  is  switched  to  port  32, 
all  of  port  2’s  input  is  switched  to 
port  31,  and  so  on.  Then  we  tested 
Layer  2  switching  using  the  “mesh 
test”  feature  of  Ixia  Communications’ 
IXIA  1600  traffic  generator/  analyzer. 
This  is  a  grueling  workout,  in  which 
packets  arriving  at  a  gigabit  per  sec¬ 
ond  on  each  port  (that’s  1.488  mil¬ 
lion  minimum-sized  packets  per  sec¬ 
ond)  are  sequentially  switched  to 
each  of  the  other  ports  in  round- 
robin  fashion.  Picture  a  big  round 
table,  at  which  each  of  32  dealers  is 
dealing  cards  to  the  others  at  a  rate 
of  1.488  million  cards  per  second. 

Under  all  Layer  2  configurations 
we  found  100%  wire-speed  perfor¬ 
mance. 

Next  we  tried  Layer  3  IP  routing, 
after  setting  up  IP  subnets  on  each 
of  the  32  ports.  We  got  the  same 
results:  100%  wire-speed  perfor¬ 
mance,  even  for  round-robin,  mesh 
test  routing  among  all  ports. 

In  virtually  every  other  perfor¬ 
mance  metric,  the  switch  checks  out 
just  fine.  Head-of-line  blocking? 
There  wasn’t  any.  Latency?  It  ranged 
from  a  mere  7  microseconds  for  64- 
byte  packets  under  a  light  switch 
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Performance  (25%) 

10 

Management  and 

administration  (25%) 
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Scalability  and  fault 

tolerance  (20%) 
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Functionality  (20%) 
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installation  (5%) 
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Documentation  (5%) 

8 
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Individual  category  scores  are  based  on  a  scale 
of  1  to  1 0.  Percentages  are  the  weight  given  each 
category  in  determining  the  total  score. 
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HP  calls  it  ProCurve  9304R/I;  Foundry 
calls  it  Biglron  4000.  Just  don't  call  it 
slow  —  this  Gigabit  Ethernet  switch 
doesn't  miss  a  bit. 
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load  to  70  microseconds  with  a  full 
load  on  all  ports.  Jitter?  The  worst 
we  saw  was  17  microseconds  with  a 
frill  load  on  all  ports.  Those  numbers 
indicate  there’s  nothing  to  worry 
about  with  latency  or  jitter.  And  our 
tests  showed  there’s  no  leakage 
between  virtual  LANs  (VLAN). 

The  only  unusual  behavior  we 
noted  related  to  the  switch’s  quality- 
of-service  (QoS)  features.  The  switch 
lets  you  assign  as  many  as  eight  pri¬ 
orities  to  different  traffic  classes, 
based  on  criteria  including  MAC 
address,  protocol,  IP  source  or  desti¬ 
nation  address,  TCP  or  User  Data¬ 
gram  Protocol  (UDP)  port  numbers, 
or  ranges  of  port  numbers.  It  turns 
out,  though,  that  these  are  mapped 
to  only  four  queues,  so  you  might 
say  that  the  switch  really  supports 
only  four  discrete  classes  of  traffic. 

We  assigned  a  top  QoS  priority  to 
all  UDP  traffic,  as  a  user  might  do  to 
make  sure  that  voice-over-IP  traffic 
was  always  expedited  through  the 
network  ahead  of  other,  non-time- 
sensitive  data.  The  HP  switch  duti¬ 
fully  gave  priority  to  UDP  traffic,  but 
only  up  to  a  maximum  of  80%  of 
available  bandwidth.  We  checked 
with  the  vendor,  who  told  us  there’s 
a  weighted-fair-queuing  algorithm 
built  into  the  switch’s  logic,  which 
always  reserves  some  bandwidth  — 
20%  as  it  turns  out  —  for  other  traf¬ 
fic  sources  and  types. 

We  really  can’t  argue  with  that.  If 
you’ve  got  more  than  80%  of  your 
bandwidth  consumed  by  your  top 
priority  traffic,  you  might  want  to 


ProCurve  9304M  offers  32  Gigabit 
Ethernet  ports  in  a  compact  package. 

think  of  rearranging  your  priorities. 

The  switch’s  management  func¬ 
tions  are  vested  mainly  in  HP’s 
browser-based  Java  interface,  a  fea¬ 
ture  not  included  with  Foundry’s  ver¬ 
sion  of  the  switch.  The  application  is 
straightforward  and  fairly  intuitive, 
but  lacks  any  online  help.  Without 
that,  you  have  to  regularly  stop  and 
fumble  through  the  documentation. 
The  written  documentation  was  clear 
and  legible,  with  a  full  table  of  con¬ 
tents  but  an  anemic  index. 

The  application  displays  traffic  sta¬ 
tistics  as  raw  numbers  —  a  graphical 
display  would  be  better.  And  while 
the  statistics  are  updated  automati¬ 
cally,  someone  forgot  to  put  the 
units  of  measure  on  the  display.  You 
don’t  know  whether  you’re  looking 
at  bits,  bytes  or  packets.  And  be¬ 
cause  there  is  no  on-screen  help, 
you  can  only  guess. 

You  can  limit  broadcast  and  multi¬ 
cast  traffic  switchwide,  but  we  feel 
that  per-port  broadcast  control 
would  be  better.  Generally  speaking, 
though,  traffic  flow  controls,  includ¬ 
ing  per-port  filtering,  are  adequate. 

The  command-line  interface  has  a 
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ProCurve  Routing  Switch  9304M 

Hewlett-Packard 

(800)  752-0900 

www.hp.com/rnd/products/ 

switches/switches_pc9304m.htm 

$112,995 

Pros 

▲  Wire-speed  Layer  2  and  3 
performance  with  32  Gigabit 
Ethernet  ports. 

▲  Reliable,  stable  performer. 

▲  Compact  form  factor. 

Cons 

▼  Java  browser  interface  has  no 
on-screen  help. 

▼  No  high-speed  WAN  interfaces. 

T  Redundant  management  modules 
need  work. 

Cisco  feel  in  its  command  structure 
and  syntax,  and  overall  is  fairly  use¬ 
ful.  But  the  switch’s  management 
isn’t  helped  much  by  HP’s  TopTools 
—  a  set  of  general-purpose  man¬ 
agement  applications,  which  HP 
ships  free  with  the  switch.  While 
graphical,  the  Windows-based  Top- 
Tools  suite  is  not  that  intuitive  to 
use.  It  features  a  discovery  capa¬ 
bility,  which  adroitly  turned  up  a 
couple  of  test  tools  we  didn’t  think 
were  speaking  on  our  lab  network. 

But  other  than  that,  TopTools  didn’t  ' 
seem  particularly  useful. 

As  it  did  for  performance  and 
management,  the  switch  fared  well  jj 

in  the  category  of  scalability  and  ;j 

fault  tolerance.  All  of  the  same 
modules  in  this  model  also  work  in  j 
HP’s  eight-slot  model  of  the  switch,  | 
the  ProCurve  9308M,  allowing  for  a  jj 
graceful  upgrade  path.  jj 

Redundant  power  supplies  and  j 

fans  are  available,  and  all  modules  | 
are  hot-swappable.  We  found  a  g 

small  problem  with  the  redundant  l 

management  modules,  however.  We  I 

tried  out  a  new  version  of  the  ven¬ 
dor’s  redundant  management  cards, 
but  we  couldn’t  get  automatic  fail¬ 
over  to  work.  HP  acknowledged 
that  the  redundant  management, 
still  in  late  beta  when  we  tested  it, 

,1 

wasn’t  working  properly  and  told 
us  the  company  was  addressing 
this.  New,  higher-priced  redundant 
management  modules  are  required 
to  implement  this  feature. 

Under  the  broad  heading  of  func¬ 
tionality  we  rated  this  switch  fairly 
high;  as  a  Layer  2  switch  or  Layer  3 
IP  router  there  isn’t  much  missing. 

Among  the  features  are  VLANs, 

QoS,  and  full  IP  routing  —  includ¬ 
ing  Border  Gateway  Protocol  4, 

Routing  Information  Protocol 
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Mft 

Qigabit  Ethernet  switch  | 


Versions  1  and  2,  and  Open  Shortest 
Path  First,  as  well  as  the  set  of  new 
IP  multicasting  protocols. 

Multilink  trunking  is  supported.  As 
many  as  four  gigabit  links  can  be 
aggregated  in  a  logical  trunk  group 


between  two  switches  or  between, 
say,  a  switch  and  a  server  with  multi¬ 
ple  network  interface  cards.  You  can 
assign  traffic  over  a  multilink  group 
in  a  couple  of  ways  to  achieve  some 
degree  of  load  balancing.  This  setup 


also  provides  link  failover  protection. 
We  tested  it  and  it  works;  traffic  from 
a  failed  link  is  shifted  over  to  a 
working  link  in  about  0.3  seconds  — 
actually  a  little  faster  than  some  com¬ 
petitors’  gigabit  switches. 


w  w  w .  n  w  fusion.com 


GAGA 

FOR  GIGABIT 

White  paper:  Get  a  detailed  look  at 
the  switch. 


Reviewer's  guide:  Walk  through  the 
product's  features. 


We  tested  with  the  vendor’s 
lOOOBaseSx  port  modules,  but  the 
switch  also  supports  longer-distance 
lOOOBaseLx,  plus  a  full  range  of 
Ethernet  and  Fast  Ethernet  modules 
with  as  many  as  24  ports  per  mod¬ 
ule.  It  lacks  WAN  interfaces  such  as 
OC-3,  OC-12  or  DS-3.  And  gigabit- 
over-copper  —  four-pair  unshielded 
twisted  pair,  per  the  newly  adopted 
IEEE  standard  —  won’t  be  available 
until  next  year. 

The  bottom  line?  HP’s  ProCurve 
9304M  is  a  performance  dynamo, 
and  its  broad  functionality  and  good 
scalability  features  make  it  a  recom¬ 
mended  buy. 

Mier  (ed@mier.com)  is  founder  and 
president  of  Mier  Communications 
(www.mier.com),  a  network  consul¬ 
tancy  and  product  test  center  based 
in  Princeton  function,  N.J.  Smithers 
(rsmithers@mier.com)  is  vice  presi¬ 
dent,  technology  and  Maksymow 
(max@mier.com)  is  manager  of  lab 
testing. 

How  we  did  it 

We  used  an  IXIA  1600  traffic 
generator/analyzer  system 
equipped  with  32  gigabit  ports 
to  test  Layer  2  switching, 

Layer  3  IP  routing,  head-of- 
line  blocking  and  latency 
using  standard  test  scripts 
included  with  the  system.  We 
clocked  multilink  trunk  switch¬ 
over  by  sending  1,000  pack¬ 
ets/sec  for  10  seconds  across 
one  of  the  trunk  group's  links, 
pulled  that  connection  and 
then  totaled  the  packets  re¬ 
ceived;  each  packet  of  our 
total  less  than  10,000  repre¬ 
sents  1  millisecond  of  switch¬ 
over  delay.  We  checked  virtual 
LAN  leakage  by  setting  up  two 
VLANs  and  delivering  loads  of 
unicast,  multicast  and  broad¬ 
cast  packet  streams  on  one, 
while  monitoring  the  other  for 
any  spillover  traffic. 


Call  to 
Reserve 
Your  Copy 
Today!! 


“Getting  VoIP  to  WotT 


Answers  to  these  voip  questions: 

•  Is  VoIP  voice  quality  good  enough ? 

•  Which  VoIP  products  work  best ? 

•  How  do  we  run  an  in-house  VoIP  trial ? 

•  Which  vendors/products  have  an  early  lead ? 

®  Are  gateways  and  gatekeepers  necessary? 

•  Do  VoIP  products  interoperate 7 

®  Are  standards  in  place ?  Complete ? 
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Making  Sense  of  Directories 

The  right  directions  make  it  so  much  easier. 


Register  today  to  learn  the  latest 
directory  strategies  from  the  industry's 
top  companies,  including  Banyan, 
Entevo,  FastLane,  Isocor,  Microsoft, 
Novell,  Process  Software  and  Radiant 
Logic.  This  interactive  educational  pro¬ 
gram  is  chaired  by  top  directory 
experts  Gary  Rowe  and  Dan  Bium, 
from  the  reknowned  consultancy  The 
Burton  Group,  along  with  Network 
World  Executive  News  Editor  Doug 
Barney. 


Save  $50  when 
you  register  by 
January  31 , 2000 

Registration  Fee:  SJSS  $149 


a  lil'UIMill 


Cali  now  to  register 
(800)  643-4668 
or  visit  us  at 
www.nwfusion.com/techupdate/directories 


entevo 

Novell 


FusK^m 

TECHNOLOGIES  INCORPORATED 


Making  Sense  of  Directories  is  a 

one-day  seminar  designed  to  take  the 
confusion  out  of  evaluating  directory 
products  and  services.  The  experts  from 
The  Burton  Group  will  give  you  step  by 
step  guidelines  for  formulating  a 
cohesive  directory  strategy  during  the 
morning  tutorial.  Leading  vendors  will 
then  give  you  firsthand  advice  on 
implementing  directory-enabled 
networking  in  your  enterprise. 

And  a  special  roundtable  discussion  in 
the  afternoon  will  provide  insight  into  the 
issues  associated  with  deploying  large- 
scale  directories,  implementing  industry 
best-practices,  and  identifying  the  range 
of  applications  that  can  benefit  from  a 
solid  directory  services  infrastructure. 
Register  today  and  get  moving  in  the 
right  direction. 
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February  24 

New  York,  NY 

March  1 

Boston,  MA 

March  2 

San  Francisco,  CA 
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March  22 

Atlanta,  GA 

April  1 1 

Washington,  DC 

April  12 
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To  become  a  sponsor  of  this  event,  please  contact  Andrea  D’Amato  at  508-490-6520  or  adamato@nww.com 


Cool  Tools 


Quick  takes  on  high-tech  toys 


Lee  Schlesinger,  Technology  Editor 

Home  automation  X-IOsions 


iPik  nd  now  the  nominees  for  best 
use  of  the  letter  X  with 
electrical  wiring:  X.25;  Xllr6;  X-10; 
and  X  Files. 


The  winner  is  X-10,  the  most  popu¬ 
lar  protocol  for  communication  over 
household  wiring.  With  X-10  devices, 
you  can  turn  lights  and  appliances  on 


and  off,  set  up  a  security  system  and 
control  it  all  from  your  computer.  You 
can  set  up  macros  to  do  multiple 
operations  triggered  by  a  single 


Keep  changin' 


And  your 
budget  isn’t 
growing  as 
fast  as  your 
applications 


State  of  the  WAN:" 
Capitalizing  on 
New  Technologies 
and  Services 
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To  become  a  sponsor  of  this  event,  please  contact  Andrea  D’Amato  at  508-490-6520  or  adamato@nww.com 


Your  remote 
offices  need 
better  connect! 


E-business  is 
placing  new 
demands  on 
your  network. 


It’s  not  easy  managing  all  of  these  issues. 
But  you  can  do  it  —  and  on  budget. 


NetwofkWorid  stale  0,Tthelw"N: .  „ 

•TOWN*'  CaP|tallzin9  011  New  Technologies  and 

MEETING  Sendees  and  get  the  hard  data  you 
■wmirwi  need  to  allocate  your  budget  wisely 
and  make  informed  purchasing  decisions.  This  free 
“town  meeting”  style  event  brings  together  the 
wide-area  networking  experts  you  want  to  meet  in 
a  highly  interactive  forum. 


Dr.  Jim  Metzler  of  Ashton,  Metzler  and  Assoc,  and 
John  Gallant,  Editorial  Director  of  Network  World, 

will  deliver  keynote  addresses  and  moderate 
vendor  strategy  presentations  and  roundtable 
discussions  on  today’s  critical  areas  of  WAN 
management  including: 


•  The  Evolving  Services  Portfolio  —  Frame  Relay, 
ATM,  VPN,  DSL  or  IP.  What  works  for  you? 


•  Managed  Services  and  Equipment —  What  are 
they  and  why  should  you  be  interested  in  them? 


Hear  the  answers  to  these  and  your  own  questions 
about  the  rapidly  changing  WAN  landscape  so  you 
can  start  making  better,  informed  decisions  about 
your  enterprise  immediately.  This  free  seminar  is 
one  of  the  best  investments  you  can  make  for  the 
future  of  your  WAN  —  and  your  peace  of  mind. 


•  Access  Services  and  Equipment 
maximize  your  access  dollars? 


How  can  you 


•  Customer  Care 
giving  enough? 


—  Are  you  getting  and 


Register  today  for  this  FREE  event! 

Call  800-643-4668  or  go  to 
www.nwfusion.com/townmeeting/wan 


Seminar  Tour 

Boston,  MA,  February  1 5 
New  York,  NY,  February  1 6 
Seattle,  WA,  February  29 

Santa  Clara,  CA,  March  1 


Atlanta,  GA,  March  1 4 
Chicago,  IL,  March  15 
Denver,  CO,  March  28 
Dallas,  TX,  March  29 


event.  You  can  even  use  voice  com¬ 
mands  to  tell  your  devices  how  to 
respond,  or  trigger  events  by  light  or 
motion  detection. 

X-10  is  typically  marketed  as  home 
automation  equipment,  but  it’s  also 
useful  in  the  office.  For  instance,  an 
X-10  motion  detector  set  up  in  the 
computer  room  could  trigger  emer¬ 
gency  lights  and  a  call  to  your  phone 
or  pager  using  a  voice  dialer  device. 

There  are  two  types  of  X-10  devices 
—  transmitters  and  receivers.  Some 
devices  do  both.  Receivers  respond  by 
turning  attached  appliances  on  or  off, 
dimming  lights  or  completing  other 
tasks.  Transmitters  send  signals  over 
normal  home  wiring  at  the  push  of  a 
button  or  when  triggered  by  light, 
motion  or  voice  command. 

There  is  a  wide  variety  of  X-10 
devices  available,  and  there  are  many 
vendors  for  each  type.  I’ve  posted 
links  to  some  on  Network  World 
Fusion  (DocFinder:  6322). 

The  brain  of  a  typical  X-10  system 
is  software  that  runs  on  a  PC. You  can 
buy  a  basic  starter  kit  such  as  X-10 
Corp.’s  ActiveHome  or  IBM’s  Home 
Director,  but  the  best  control  system 
I’ve  seen  is  Home  Control  Assistant 
from  Advanced  Quonset  Technology. 
It  lets  you  display  all  your  X-10 
devices  on  a  floor  plan  of  your  home, 
while  a  separate  pane  lets  you  zero  in 
on  a  specific  floor,  device  or  con¬ 
troller.  The  product  provides  wizards 
for  common  tasks  for  new  users  and  a 
visual  environment  for  creating  com¬ 
plex  sequences  of  X-10  operations 
connected  by  programming  logic. 

Lately,  the  X-10  protocol  has  gone 
wireless.  I  tested  X-10  Corp.’s 
Hawkeye  motion  detector  and  Xcam 
Anywhere  camera.  Hawkeye  sends  a 
radio  frequency  X-10  signal  to  a  wire¬ 
less  transceiver  that’s  plugged  into  an 
electrical  outlet.  The  transceiver 
sends  a  signal  to  any  X-10  device  or 
the  console. 

Xcam  Anywhere  lets  you  mount  a 
tiny  camera  anywhere,  even  out¬ 
doors,  and  send  the  color  image 
through  an  attached  wireless  trans¬ 
mitter  to  a  wireless  receiver  within 
100  feet. There’s  an  indoor  model  too 
that  would  make  a  fine  baby  sitter 
cam.  You  can  use  the  motion  detector 
in  conjunction  with  the  camera  to 
record  images  of  anyone  entering  a 
room  or  coming  to  your  door,  for 
example. 

The  tinkerer  in  me  really  loves 
X-10  products.  One  of  these  days 
I’m  going  to  set  up  a  do-it-yourself 
home  security  system  with  X-10 
technology.  Memo  to  burglars:  Please 
wait  until  I’m  ready  to  test  it. 

X-10  isn’t  the  last  word  in  home 
automation.  Newer  products  such  as 
CEBus  and  LonWorks  have  advantages 
over  the  older  X-10  technology,  but 
they’re  also  more  expensive. 

It  takes  a  lot  of  gadgets  for  a  house 
to  become  a  home.  I  spent  last  week¬ 
end  at  the  Consumer  Electronics 
Show  in  Las  Vegas;  stay  tuned  for 
reviews.  a 
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How  to  find  a  competent  information  security  pros 
and  ensure  your  network  is  in  good  hands . 


BY  DEBORAH  RADCLIFF 

A  network  executive  finds  a  candidate  with  the 
perfect  technical  qualifications.  He  makes  an 
offer.  The  candidate  considers  the  offer  so  low 
it’s  an  insult.  Negotiations  break  down. The  can¬ 
didate  storms  out,  threatening, “In  three 
months,  you’ll  be  sorry  you  didn’t  hire  me.” 
Unfortunately,  the  candidate  had  been  interview¬ 
ing  for  a  job  in  information  security.  And  interview¬ 
ers  had  told  him  some  of  the  network  configuration 
to  make  sure  he  could  do  the  job. 

“I  told  that  hiring  manager, ‘You’d  better  check 
your  logs  carefully,’  ”  says  Michele  Crabb,  a  senior 
security  architect  who  oversees  Cisco’s  internal  net¬ 
work.  Crabb  recently  heard  this  story  at  an  informa¬ 
tion  security  conference. 

Other  managers  tell  of  less  frightening  but  simi¬ 
larly  frustrating  stories.  “A  lot  of  candidates  out  there 
claim  to  know  what  they’re  doing,  but  they  really 
don’t,”  says  Paul  Raines,  vice  president  of  electronic 
security  for  the  Federal  Reserve  Bank  of  New  York. 

All  of  which  begs  the  question:  How  do  you  hire  a 
competent  IT  security  professional? 

According  to  Crabb  and  others,  much  of  the  process 
is  similar  to  hiring  any  technologist:  Background 


Howard  Schmidt,  Microsoft's  chief  information  security  officer,  looks  for 
employees  already  on  staff  who  catch  his  team  testing  system  security. 


checks,  skills  tests  and  several  inter¬ 
views  to  gauge  if  the  candidate 
makes  a  good  fit.  But  security  spe¬ 
cialists  should  also  possess  a 
healthy  amount  of  paranoia  and  be 
trustworthy  enough  to  guard  your 
valuable  information  assets. 

To  find  such  people,  compa¬ 
nies  like  Microsoft  lean  toward 
hiring  from  inside.  Fast-paced 
firms  engaged  in  e-commerce 
want  only  seasoned  security  pro¬ 
fessionals  who  can  get  up  to 
speed  quickly.  But  low-margin  organizations,  like  the 
Federal  Reserve,  hire  recent  college  graduates. 

Raines  starts  by  looking  for  students  with  extracur¬ 
ricular  activities  that  show  they’re  adaptable. 

“There’s  one  guy  I  interviewed  who’d  just  gradu¬ 
ated  from  Rensselaer  Polytechnic  Institute  in 
Troy,  N.Y.  He  didn’t  have  any  security  experi¬ 
ence,  but  he  had  built  an  electric  car  by 
himself.  And  he’d  put  in  a  LAN  in  his 
house,”  Raines  explains.  “I  knew  the  guy 
had  smarts,  and  I  hired  him.  He’s  a  star 
performer  on  our  Red  Team.”  The  Red 
Team  is  a  group  that  attacks  the  Fed’s  net¬ 
work  to  test  security. 

Raines  also  looks  for  specific  technical  course- 
work:  Mainly  Unix,  networking,  NT,  Cisco  and  Java. 

When  it  comes  to  hiring  from  within,  it’s  easy 
enough  to  find  candidates,  says  Howard  Schmidt, 
Microsoft’s  chief  information  security  officer.  “The 
tough  part  is  weeding  out  the  wannabes  from  those 
who  can  really  do  the  job,”  he  says. 

Schmidt  and  his  staff  are  always  looking  for  IS 
staffers  who  can  think  out  of  the  box.  For  example,  the 
employees  who  catch  Microsoft’s  Red  Team  testing 
internal  systems  and  notify  his  department  are  the 
ones  he  targets  for  future  hiring. 

During  interviews,  Schmidt  and  his  team  quiz  candi¬ 


dates  to  see  what  they  would  do  under  certain  circum- 
stances.This  shows  if  a  candidate  grasps  overall  sy  stem 
architecture  as  opposed  to  isolated  vulnerabilities. 

While  it’s  best  to  hire  within  the  organization, 
start-up  firms  or  companies  launching  e-commerce 
sites  can’t  afford  to  take  the  time  to  train,  says 
Tracy  Lenzner,  owner  of  Lenzner  and 
Associates,  a  Las  Vegas-based  job  placement 
firm  that  specializes  in  information  securi¬ 
ty  professionals. These  companies  need 
seasoned  infosec  analysts,  which  calls  for 
the  most  rigorous  screening  processes. 

If  you  hire  from  outside,  look  among  your 
peers,  Crabb  advises.  If  that  doesn’t  turn  up  any¬ 
one,  advertise  at  technical  and  security  conferences, 
or  call  a  headhunter.  And  when  you  find  the  right  can¬ 
didate,  screen,  screen,  screen. Then  put  all  the  inter¬ 
viewers  together  to  compare  notes.  Look  for  personali¬ 
ty  traits  like  drive,  energy,  determination  and  integrity; 
professional  traits  like  dedication  and  analytical  skills; 
and  a  strong  understanding  of  the  business  at  hand. 

“Security  is  a  hard  sell,”  Crabb  says.  “So  security  ana¬ 
lysts  must  be  able  to  explain  to  management  and  other 
departments  how  to  do  things  the  right  way.” 

Radcliff  is  a  freelance  writer  in  Northern 
California.  She  can  be  reached  at  DeRad@aol.com. 


Turn  to  page 
42  to  get  the  full 
skinny  on  what 
happens  during 
a  network 
penetration 
test. 
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Place  your  users  and  servers  wherever  you 
need  them  most.  The  XP4000  Series  enables 
your  users  to  conveniently  control  system 
servers  from  their  offices  or  their  labs.  Stay 
one  step  ahead  of  the  game  with  this  suite  of 
multi-platform  KVM  matrix  switches.  Get 
simultaneous,  multi-user  access  to  any  server 


from  any  office,  and  preserve  your  data  center's 
clean  room  environment. 

Let  us  custom  design  a  solution  for  your  business. 
It  may  be  your  smartest  move  yet! 


Hand  it  to  Cybex 


www.cybex.com 

(800)  932-9239 


Computer  Products  Corporation 


Cybex,  the  Cybex  Logo,  and  XP  are  trademarks  or  registered  trademarks  of  Cybex  Computer  Products  Corporation 


MasterSwitch  benefits  include: 


•  New  intuitive  web  interface 


Network  Managers:  Take  Control! 


•  Multiple-user  accounts 

•  MD-5  Authentication 


•  Graceful  load  shedding 

•  Individual  outlet  control 


Web  interface  simplifies 
configuration  and  remote 
management  capabilities. 


•  Support  for  all  your  redundant 
power  equipment 

•  Provides  graceful 
server  shutdown 
with  APC 


Legendary  Reliability  " 


132  Fairgrounds  Road,  West  Kingston,  Rl  02892 


Today,  power  management  means  high  availability.  For  network  operations,  remotely 
rebooting  locked  equipment  to  bring  each  device  back  on-line  quickly  boosts  productivity. 
APC  MasterSwitch  saves  corporations  many  unwanted  field  service  calls  and  costly 
downtime  expenses  due  to  remote  equipment  locking  up.  Make  APC  your  choice  for  high 
availability  solutions. 


Visit  APCs  Web  site  today  to  receive  your  FRE 
APC  Netwoik  Enhancement  Solutions  Kit  and  test 
drive  MasterSwitch  on-line  before  buying! 


http: //promo,  apcc.  com 

CALL:  (888)  289-APCC  *7823  •  FAX:  (401)  788-2797 


KEY  CODE 

q473z 


D2000  American  Power  Conversion.  All  Trademarks  are  the  property  of  their  owners.  MS4A9CP-US  •  PowerFax:  (800)  347-FAXX  •  E-mail:  apcinfo@apcc.com 


PowerChute®  plus 
software  and  APC  UPSs. 

/ Smart-UPS ®,  Matrix-UPS ®  and  Symmetra “  models  only) 


|N7 ERNE T 


APC  MasterSwitch “  plus  recently 
won  Internet  Telephony  s  Product 
of  the  Year  award 


Observer  identifies  network  trouble  spots,  and  costs  thousands  less  than  ■ 
expensive  hardware-based  analyzers.  If  you  have  network  slowdowns  would  you 
know  if  they  are  being  caused  by  packet  errors,  broadcast  storms  or  overloaded 
utilization?  Find  out  with  Observer  or  Distributed  Observer. 


•Full  packet  capture  and  decode  for  over 
300  protocols,  including  TCP/IP  (v4  and 
v6).  NetBIOS/NetBUEI.  IPX/SPX, 
Appletalk,  SNA,  and  DECnet. 


Observer’s  Extensions  add  to  the  functionality  of  Observer  and  Distributed 
Observer  by  providing  SNMP  object  tracking.  WEB  browser  based  reporting. 
R MON  1/2  Probe  monitoring  and  Expert  mode  post-capture  analysis  -  all  within 
the  Observer  interface.  Network  Instruments'  Probes  are  also  available  as 
RM0N1/2  Probes  for  $295/each. 


•Switched  mode  sees  all  ports  on  a 
switch  gathering  statistics  from  the  entire 
switch  or  packet  capture  from  any  port  or 
ports.  Finally  a  protocol  analyzer  that 
can  be  used  in  switched 
environments! 


LAN/WAN 


•Long-term  network  trending  collects 
statistical  baseline  data  for  days ,  weeks, 
months  or  years  for  review  and 
reporting. 


AND  PROTOCOL 


•Distributed  version  available  for  $1290 
( includes  1  local  and  1  remote  Probe). 
Additional  Probes  are  $ 295  per  local  or 
remote  segment  or  switch. 


•  Network  Instruments  '  optimized 
ErrorTrack™  NDIS  drivers  display  true 
errors-by -station.  Includes  collision 
expert  to  identify  problem  stations. 


•  Track  router  utilization/traffic  in  real  time 


Ethernet  (10/100/1000), 
Token  Ring,  FDD I 


See  what  you  have  been  missing!  Cali  800-526-7919  for  a  FREE  DEMO  or  download  from  our  web  site: 


©  1999  Network  Instruments.  LLC  -  Corporate  Headquarters  (612)  932-9899  FAX  (612)  932-9545,  UK  and  Europe'  +44  (0)  -1322  303045  FAX  t44  (0)  1322  30301 
i nfo <S networkinstruments.com  vwwv.netvvorkinstruments.com  Observer,  Network  Instruments  and  the  ’N"  load  are  registered  trademarks  of  .Network  Instruments,  LLC  MHyVeijp6Ns;  MN  Uh 
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FREE  Internetworking  Kit. 

Learn  how  APC  can  make  your  network  more  manageable. 


To  order  Visit  http://promo.apcc.com  Key  Code  q472z  •  Call  888-289-APCC  x7713  •  Fax  401 -788-2797 


©  2000  American  Power  Conversion.  All  Trademarks  are  the  property  of  their  owners.  NS4A9EP-US 

PowerFax  1300)  347-FAXX  •  E-mail:  apcinfo@apcc.com  •  132  Fairgrounds  Rd.,  West  Kingston,  Rl  02892  USA 


APC  ensures  network  uptime, 
anywhere  and  everywhere 


ARC  delivers  enterprise-wide  network  up-time. 
Your  full  spectrum  of  network  and  power  pro¬ 
tection  products  are  easily  integrated  in  the 
innovative  APC  NetShelter®. 

APC  NetShelter  simplifies  network  protec¬ 
tion  and  security  by  providing  a  premium, 
freestanding  network  enclosure.  It  arrives 
ready  to  install  and  costs  up  to  20%  less 
than  other  premium  enclosures. 


22U  (38.5")  of  vertical  space  for  industry- 
standard  19"  rackmount  equipment,  yet 
easily  fits  through  a  standard  7'  door. 

APC  NetShelter  accommodates  nearly  all 
rackmountable  equipment  lines,  including 
HP,  IBM,  Dell,  Cisco  and  3Com.  Custom 
mounting  kits  allow  easy  installation  of 
many  rack-mount  servers,  disk  storage 
or  accessories. 


NetShelter® 


APC's  NetShelter  simplifies 
network  protection  and  security 
by  providing  a  premium, 
freestanding  network  enclosure. 


APC  NetShelter  saves  floor  space,  organiz¬ 
es  equipment,  eliminates  cabling  "rat's 
nests”  and  physically  protects  your  invest¬ 
ment.  NetShelter  provides  42U  (73.5")  or 


Free  NetShelter  Configurator 
Software  on  CD  or  download¬ 
able  via  our  website  at 
www.apcc.com 


TM 


APC's  remote  power  control 
device  that  provides  individual 
outlet  reboot  capabilities  for 
locked-up  equipment. 


PowerStack  from  APC  provides 
power  protection  and  battery 
back-up  for  stackable  data  com¬ 
munications  hubs,  switches  and 
small  routers. 


APC’s  Smart-UPS  series  is  perfect 
for  fileservers,  minicomputers, 
internetworking  equipment, 
telecommunications  systems  and 
other  mission-critical  applications. 


At  Home, 

How  You  Surf  is 
Your  Business.... 


...AT  WORK.  ITS  OURS 

Little  Brother  Displays: 

•  Who  uses  the  Internet 

•  What  kind  of  bandwidth  they  are  using 

•  Where  your  users  are  going 

•  When  your  users  visited  sites 

•  How  much  bandwidth  they  used 


Lfttl^ 

[  BR$ 

546  Valley  Way,  Milpitas,  CA  95035 
Ph:  1.800.200.9881  Fax:  408.263.9883 
sales@littlebrother.com 


How  Do  You  ReBoot 
Remote  Equipment? 


48VDC 


With  Sentry! 

Now  with  Sentry,  you  can  reBoot  any  locked-up 
internetworking  device  through  a  standard  dial-up 
modem,  ever  an  ethernet  network  via  TCP/IP  using 
Telnet,  through  a  JAVA  interface  or  with  SNMP 
support.  The  Sentry  family  of  products  provides 
an  easy,  practical,  and  secure  solution  for  power 
management  of  remote  internetworking  equip¬ 
ment.  Select  the  Sentry  model  best  for  you. 


Group  name 


functions 


Link  up  to  26  units 


Reboot  control 


Benefits 


Reduces  field 
service  visits  to 
POP  sites 


Reboot  control 


Group  name 
functions 


IMEBs  compliant 


•  Faster  problem/ID  solution 
response  time 

•  Improved  network  availability 

•  Improved  network  service  levels 

•  Improved  facility  security 


See  our  complete  product  line  at: 

Web:  www.servertech.com  Another  great  product  from 

Phone:  1-800-835-1515  or  1-408-745-0300  Server  Technology  Inc. 

FaX:  1-408-745-0392  ©1999  Server  Technolosy  Inc.  Sentry  is  a  trademark  of  Server  Technology  Inc. 
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The  problem  is, 
your  timing's  off. 


Bad  timing  can  throw  a  wrench  into  the  workings  of  any  company.  In  today's  global  e-business 

marketplace,  time  is  money.  Accurate,  synchronized  time  for  all  your  network  components  is  essential 
for  integrity  and  security.  The  answer?  TymServe™,  the  proven,  system-independent  solution  for  accurate 
global  time  synchronization.  Without  it,  you're  simply  out  of  time. 


■  Plug  and  play.  Rack-mountable  units  install  while  your  server  is  up  and  running  -  unlike  others. 

■  Redundant  sources.  Use  GPS  (Global  Positioning  System),  IRIG  (Inter-Range  Instrumentation 
Group)  time  code  or  dial-up  for  time  sources. 


■  Low  cost.  Improved  synchronization  and  unsurpassed  reliability 
leave  you  free  to  focus  on  other  issues. 

■  Secure  source.  NTP  (Network  Time  Protocol)  traffic  stays  inside 
the  firewall  -  unlike  other  time  solutions. 


©  Datum 

E-Business  Solutions 


Copyright  Datum  Inc.  All  rights,  reserved. 
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Remote  Reboot  Over  Telnet! 


Reboot  your  Network  Equipment  via  Telnet,  Dial-Up  and  Local  Console 


Network  equipment  sometimes  "locks-up"  requiring  a 
service  call  just  to  flip  the  power  switch  to  perform  a 
simple  reboot.  The  NPS  Network  Power  Switch  gives 
network  administrators  the  ability  to  perform  this 
function  from  anywhere  on  the  LAN/WAN,  or  if  the 
network  is  down,  to  simply  dial-in  from  a  standard 
external  modem  for  out-of-band  power  control. 


✓  TCP/IP  Security 

✓  Individual  Plug  Passwords 

✓  Dual  15  Amp  Power  inputs 

✓  Eight  (8)  Individual  Outlets 

✓  Modem  and  Console  Ports 

✓  Co-Location  Features 

✓  115-VAC  and  230- VAC  Models 

✓  Modem  and  Telnet  Auto  Reset 


Individually 
Programmable 
Outlet  Plugs  (8) 


lOBase-T  Ethernet 
Interface 


1 9”  Rack  Brackets 
Allow  Front,  Back,  or 
Center  Mounting 


Dual  15  Amp 
Power  Circuits 


Modem  Port  for 
Out-of-Band 
Management 


□  western 
]  telematic  inc. 


Local  RS232 
Console  Port 


(800)  854-7226  *  www.wti.com 


5  Sterling  •  Irvine  •  California  92618-2517  •  (949)  586-9950  •  Fax:  (949)  583-9514 
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SNMPc  Enterprise 
Manager 


How  old  is  the  UPS  protecting  your 
new  PC  or  server?  Upgrade  now! 


©  2000  APC  All  Trademarks  are  the  property  of  their  owners  APC4A9CP-USb  •  E-mail;  apcmfo@apcc.com  •  132  Fairgrounds  Road.  West  Kingston.  Rl  02892  USA 


APC's  Reliability  Upgrade 
Program  affordably  ensures 
the  best  protection  available 


An  old  UPS  (4  years  under 
normal  use)  increases  the 
risk  to  your  new  PC  or  server. 
Your  equipment  deserves 
the  best  power  protection. 
Now  is  your  chance  to  get  a 
great  discount  on  the  newer, 
more  advanced  APC  UPS 
products  with  APC's 
Reliability  Upgrade  Program. 

The  APC  Trade-UPS™  pro¬ 
gram  is  a  cost-effective  way 
to  upgrade  existing  units, 
thus  ensuring  their  reliability. 
Trade  in  any  UPS  (regardless 
of  manufacturer)  for  the  latest 
APC  UPS  technology.  Order 
new  units  today,  and  upon 
receipt,  APC  will  pay  to  have 
your  old  units  (up  to  150  lbs.) 
picked  up  and  returned  to  us 
for  proper  ecological  disposal. 

If  old  UPS  batteries  are  an 
issue,  APC's  Replacement 


APC 

Legendary  Reliability" 


Battery  Program  can  help 
replace  your  old  batteries 
with  new.  Each  replacement 
battery  is  user-replaceable 
and  hot-swappable.  With 


each  purchase  of  a  replace¬ 
ment  battery,  you  get  free 
freight  back  to  APC  for  dis¬ 
posal  of  your  old  batteries.* 

'Available  in  the  US  only. 


Contact  us  today!  Visit  APC's  Web  site  at 


http://promo.  apcc.  com 

and  enter  keycode  q474z  or  call  888-289-APCC  x781 3 
to  find  out  about  APC's  Reliability  Upgrade  Program,  to  protect 
your  hardware  with  a  new  APC  unit  or  battery.  Or  contact  APC 
to  receive  your  FREE  68-page  Guide  to  Power  Protection. 


Distributed  management 
for  Windows  NT.  Supports 
remote  consoles  and 
polling  agents,  Web  Trend 


Network 

Management 

* 

for  Microsoft  Windows 


Reporting  and  more. 


SNMPc  WorkGroup 
Manager 


Affordable  management 
for  small  networks. 

With  an  installed  base 
of  over  60,000  copies, 
this  popular  tool  is  resold 
by  major  OEMs,  including 
Cisco  and  ACC. 


Castle  Rack. 

Computing 

Phone:  408.366.6540 
Fax:  408.252.2379 


Be  a  part  of  Network  World's  ComNet  Planning  Guide 

Issue:  January  17 


If  your  company  is  planning  to  exhibit  at  ComNet  in  Washington,  DC,  then  the  Network  World’s 
Planning  Guide  is  a  must! 


For  More  Information  on  Advertising 
in  Network  World’s  Marketplace 
1-800-622-1108 


Get  extra  exposure  in  this  pre-show/planning  guide  issue  and  pave  the  way  for  increased 
traffic  at  your  booth. 

Call  your  sales  rep  for  details  or  email  us  at  directresponse@nww.com. 

TEL:  800-622-1108  ext.  6507  or  FAX:  508-460-1192 


800-783-8979  d 

Fax  916-781-6962  $K 

We  Carry  ALL  Manufacturers  yl 


[  Specializing  In: 
3-Com 
Nortel 

Bay  Networks 
Cabletron 

CISCO 

Ascend 

Fibermux 

Livingston 

Micom 

Motorola 

Synoptics 

Data /Voice 
Network 
Solutions 


LAN/WAN 
BUY/SELL 
NEW/USED 
RENT/LEASE 
Fully  Warranted 

Switches 

Hubs 

Bridges 

Routers 

Multiplexers 

T-1  Equipt 

DSU/CSU 

Modems 

Alternative 

Data 

Communication 
Sources,  Inc. 
916-781-6952 


Cabletron  Equipment 

GUARAMTEEP 

•  100%  factory  refurbished 

•  Only  factory-authorized  VAR 

L^0  O®  /  .  *  30  day  hot  swap,  1  year  free  repair 

•  We  also  carry:  Bay  Networks. 

3Com,  Compex,  Cisco  &  more! 


Vnetek  Communications,  LLC 
sales@vnetek.com  •  www.vnetek.com 

Brand  names  are  registered  trademarks. 


USED  cisco  direct 


■■7-888-09-CtfCO* 


Save  big  on  new/ used: 

►  Routers  ►  Switches  >-  XDSL  >- AIM 

►  ISDN  ►  Fast/GIGABIT/ENET  ►  T1  A3  DSU 

►  Frame  Relay  BUY/SELL/RENT 


4v. 


CISCO 


►  Ascend 

►  Lucent 


www.  digitalwarehouse.  com 


♦♦  DIGITAL  WAREHOUSE 

V  Your  Information  Superhighway  Discount  Sources  > 


3COM 

ADC  Kentrox 
Adtran 

Nortel  Networks 


► 

> 


> 


Cisco  Systems 


PARTNER 

PREMIER  CERTIFIED 


Digital  Link  ►  Larscom 
Alteon  ►  Xyplex 
Paradyne 
Foundry  Networks 


Netfast  Communications  Inc.,  56-29  56,h  Drive,  Maspeth,  NY  1 1378  Ui 
Phone:  I  -888-892-4726  or  718-894-7500  Fax:  71 8-894- 15. 
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Cable  University 

'  (800)  537-8254 
I  www.CableU.net 
j  FREE  online  training  in  network 
sibling  installation  &  maintenance  | 


i  NCR  Customer  Education  j 

(800)  845-2273 
||  www.ncr.com/trainus 
L  Cisco,  MCSE,  NT  &  Networking, 

1  Training 


Cyber  Pass  inc. 

(613)  237-4991 
I  www.certify.com 
!  A+,  CNE,  MCSE  exam 
I  simulation  software-FREE  to  trv! 


ForeFront  Direct 

I  (800)  475-5831 
y  www.ffg.com 

Computer  based  training  for 
the  I.T.  industiy 

LearnIT  Corporation 

(800)  352-4806 
j  www.Learnitcorp.com 
|  MCSE  &  End  User  State-of-the-Art 
[  Simulation  Technology 

LearnKey,  Inc. 

(800)  865-0165 
I  www.leamkey.com 
I  Self-Paced  Training  for  Computer 
!  Users  &  IT  Professionals 


|  GrossTec’s  NetOp  School  SW 

(800)  675-0729 
!  www.CrossTec.Net 

!  Six  essential  tools  for  the  networked  | 

!  classroom.  Download  a  Free  Eval 

smm 


PMG  NetAnalyst 

(800)  645-8486 
I  www.pmg.com 

i  Network  Analysis  &  Tool  Training 
I  Certified  NetAnahM  Testing 

Specialized  Solutions,  lnc| 

(800)  942-1660 
www.specializedsolutions.com 
MCSE,  A+,  Network+,  MS  Office,  CDIA,| 
Unix,  Linux,  Cisco  FREE  Demo  Avail 

TCIC 

(800)  322-2202 
www.tcic.com 

Telecommunications  +  Data  Comm.,  § 
On-Site  +  CD’s  also  available. 

|  Wave  Technologies 

(800)  711-0286 
www.wavetech.com 
MCSE,  Cisco,  MCSD,  A+,  Network*,  | 
CNE.Bootcamps,  Online,  Selfstudy 

To  Place  Your 
Listing  Here 
Call  Enku  Gubaie 
at  1-800-622-1108 


Contact  these  companies  today  to  help  you  with  your  training  needs! 


4I./IIVIVAAI.  COM 


Purveyors  of  Networking  Hardware 


NEW 

& 

USED 

Switches, 
Modules, 
Routers, 
Hubs  &  More 


Cite*  Swiss 


protean 


Bay  Networks 


caaerRon 

_ SYsmrrts 


SsSynOpllcs  HIIqI 

SMC*  //Robotics  «■  CHIPCOM 


BUY 

& 

SELL 

Quantity,  Reseller, 
Government  & 
Education,  Discounts 
available. 


LOWER  PRICES  THAN  THOSE  WAREHOUSE  GUYS! 


Lowest  Prices  on  Factory 
Fresh  Equipment 
Up  to  90%  OFF  Retail 
for  Refurbished  Items 
+  Huge  Inventory  of 
Legacy  Products 
-t  Factory  Trained 

Consultants  on  Staff 

Fax  us  Your  Want  to  Sell  / 


GIANT 

.INVENTORY  < 


Authorized 
Service  Center 
+  We  Also  Do  Repair: 

&  Exchanges 
+  Same  Day  Shipping 
on  Most  Items 
~r  Same  Day  Delivery 
Via  Counter  Service 

Buy  Lists  @  516-293-5325 


L  [£Li:  cur  Heir  iuui-  tavii  Cu-Lftic  S/ic^/^uxc 
£  ,-Lucucu  v©  LviVvlLvVvuLZALtlVvlZALL-kZCLU.  ^'6 

A  Division  of  Ergonomic  Enterprises,  Inc. 

^  CALL  W  LL  LLlLLf  X-li'l'l  l-L/Ufe  J|a1 

Si'ternattonal  Calls:  001-1-516-293-5200  /  E-mail:  Sales@4LANWAN.COM 


147  WE R MAN  CT.  I 


I  PLAIN  VIEW,  NY  ll  1  18031 


"Good  As  New"  Networking  Equipment 
Good  As  New  Warranties 


Visit  us  On  the  Web  @  www.nle.com 


NORTEL 

NETWORKS 

Bay;  Networks 


Cisco  Systems 

®  3 

Co 

1 

caBORon 


systems 


•  Authorized  Nortel-Enterprise  Solutions  Provider 

•  Free  Technical  Support  on  Purchased  Equipment 

•  Free  Network  Design  Support 

•  Largest  Inventory  in  the  Industry 

•  Best  Priced  Memory  Upgrades 

888.891.4229 


V  ^ 

a 


m 


X  a  ^ 


C.O.D's  Terms 


Phone  801-377-0074 
Fax  801-377-0078 
1403  W.  820  N.  Provo,  UT  84601 


NETWORKING 


New  &  Used  Buy  •  Sell  •  Trade 


www.  bizin  t.com 

NY  Office/USA  Sales:  ^ „  Main  Office/lnt'l  Sales 

Tel:  (315)  458-9606  DI7I  Tel:  (978)  667-4926 

Fax:  (315)  458-9493  Fax:(978)  663-0607 


Find  the  Product  and  Services  that  you 
are  looking  for  on  Network  World 
Fusion's  Product  Showcase. 

g°  to:  www.nwfusion.com 
click  on:  protjuct  Showcase 


Systei^FttrtumsTMemory 


Also  Available:  Wellfleet,  Bay,  Fore, 
Xyiogics,  Livingston,  &  Ascend 

In  Stock  •  Fast  Delivery  •  No  Expedite  Charges 


COMSTAR,  INC. 

The  #1  Network  Remarketer 

612 *835 *5502 

Fax  612»855»1927  E-Mail:sales@comstarinccom 


nsgdata.comr 

N  E  T  W  Qj  UK  SERVICES  GROUP 


specialists  in 
Year  2000 


telex  and  X.25 


solutions  worldwide 


1.800.270.2669  301.662.5901 
www.nsgdata.com 


Livingston  US  Robotics 

Ascend  0,  ^AY  Micom 

■s?  Specialist  in  all  ^ 
Cisco  products  ■JO 
W  including  Memory  ^ 

T"  LAN/WAN  Products 


Y 

v  New,  Used,  Lease, 

3Com  'k*  ^  Rent  Codex 

Adtran  ^  ‘N  0*1  ^  Xyiogics 
Motorola  Wellfleet 

We  carry  all  Manufacturers 


Millennium  Solutions  Group,  Inc. 


Routers,  Bridges  ‘Frame  Relay 
•DSU/CSU’s  ‘Hubs,  Modems 

•Switches,  ATM  ‘Voice  over  Data 


We  Buy  and  Sell 

888-801-2001  Fax  (916)  630-2000 
Visit  our  Web  Site  at: 
http://www.millenniumsolutions.net 


USED  NETWORK  HARDWARE 

Routers  ♦  Switches  *  T1/T3  DSU/CSU  ♦  Access  Servers  •  Cables  •  Memory 

VI  D  A  ) 

,~i  .3  .— j  ll 


Ascend  ♦  Livingston  ♦  Adtran  ♦  Kentrox 

Buy  /  Sell  /  Lease  *  Overnight  Delivery  ♦  Fully  Guaranteed 

1  () il-  )  )!■  1  10/ 


Fax  805-964-9405 


www.networkhardware.com 


re  5\trbaie,  in 
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IT  CAREERS  IT  CAREERS  IT  CAREERS 


Software  engineer 

Will  analyze  user  requirements, 
design,  develop  and  implement 
information  management  sys¬ 
tems  on  IBM  mainframe  system 
on  MVS  with  CICS,  DB2,  and 
COBOL.  Will  define  and  estab¬ 
lish  DB2  database  structure. 
Will  develop  job  stream  using 
JCL  to  execute  batch  jobs.  Will 
debug  existing  and  new  system 
programs  using  INTEREST, 
Smartest.  Will  develop  man¬ 
agement  report  using  PLAT¬ 
INUM.  Direct  software  system 
testing  procedures,  program¬ 
ming  &  documentation.  Located 
in  Boca  Raton,  FL  and  various 
unanticipated  locations 

throughtout  the  United  States. 
Should  be  willing  to  relocate  on 
a  project  by  project  basis.  40 
hour  week,  9AM-5PM,  $70,000 
per  year.  Master's/Foreign 
degree  equivalent  in  Electrical 
Engineering,  2  years  experi¬ 
ence  in  the  job  offered.  In  lieu  of 
Master’s/For.  Deg.  Equiv.,  will 
accept  Bachelor’s/For.  Deg. 
Equiv.  with  5  years  progressive 
experience  as  systems  analyst. 
Submit  resume  to:  Dept  of 
Labor/Bureau  of  Workforce 
Program  Support,  PO  Box 
10869,  Tallahassee,  FL  32302, 

ATT:  L.  Knight, 

RE:  JOFL#2024729 


e-lite 

companies 


e-merging 

companies 


e-ssential 

companies 


■  mk 


opportunities 


Administrator 

Baan  Applications:  Install,  con¬ 
figure/admin.  Baan  IV,  Baan 
ERP  software,  interfaces. 
Troubleshoot  Baan  tools/apps., 
Baan  tools  process  automation, 
software  access  control,  securi¬ 
ty,  software  configuration  mgmt, 
software  patch  mgmt,  device 
mgmt,  software  environments. 
Transfer  data  between  sys¬ 
tems.  Tune  Baan  apps.  to 
enhance  performance,  inte¬ 
grate  Baan  software 
w/Leasetek,  Vertex,  Moopi, 
Hyperion,  Visual  Basic.  Create 
alert  programs,  utilities  for  criti¬ 
cal  Baan  process  that  run  with 
errors  giving  real  time  support 
for  end  users  in  solving  Baan 
tools  problems.  Use  Baan  IV, 
Baan  ERP,  Triton  Tools  6.1, 6.2, 
Baan  exchange,  Oracle,  HP- 
UX,  shell  programming/C.  Req. 
Bachelor's  Elec./Comm.  Eng  or 
Comp.  Sci.  +  2  yrs.  exp.  in  job 
offered.  Competitive  prevailing 
wage/benefits.  40  hrs/wk,  8am- 
4:45pm.  Refer  to  job  code 
9907-128  mail/fax/email  to 
Sensormatic,  PO  Box  5037, 
Boca  Raton,  FL  33431-0837; 
fax:  561-912-6851;  email: 
employment  ©sensormatic. co 
m  (no  attachments  please).  An 
EOE,  M/F/DA/. 


Software  Engineer: 
Design,  evaluate  and 
develop  tools  and  methods 
used  for  product  testing; 
rovide  coordination 
etween  U.S.  and  European 
company  to  ensure  a 
consistent  test  environ¬ 
ment;  ensure  that 
European  methodologies 
and  requirement  interpre¬ 
tations  are  consistent  with 
the  requirements  of  the 
new  Insight  development 
environment;  design, 
implement  and  execute 
the  automated  verification 
procedures;  application 
development  team,  design 
and  develop  application 
based  programs  using  QA 
artner;  design  test  target 
ardware  configuration  in 
conjunction  with  test  design. 

Associate  degree  in 
Electronic  Technology 
required.  One  year 
experience  in  the  position 
or  one  year  as  a  Software 
Specialist  &/ or  Software 
Engineer  required.  Related 
occupation  must  be  in 
electric  energy  management 
industry. 

40  hrsAMc;  9:00a.m.-5:00p.m.; 
$55, 092/year.  Must  have 
proof  of  legal  authority  to 
work  permanently  in  the 
U.S. 

Send  2  copies  of  both 
resume  and  cover  letter 
to  Illinois  Department  of 
Employment  Security, 

401  South  State  Street-7 
North,  Chicago,  Illinois, 
60605.  Attention:  Brenda 
Kelly,  Reference  Number 
V-IL-20443-K.  NO  CALLS. 


For  nearly  20  years,  Syntel  employees  across 
North  America,  Europe,  and  Asia  have  helped  build 
advanced  information  technology  systems  for  leading 
Fortune  500  companies  and  government  organizations 
to  improve  their  efficiency  and  competitiveness.  Today, 
Syntel  professionals  are  building  rewarding  careers  by 
providing  solutions  in  e-business,  CRM,  Web  Design, 
Data  Warehousing  and  LAN/WAN  services. 

Come  discover  why  Forbes  magazine  placed  Syntel 
second  on  its  list  of  “The  200  Best  Small  Companies 
in  America"  and  Business  Week  ranked  us  #1 1  on 
its  list  of  Hot  Growth  Companies. 

Due  to  our  rapid  growth,  we  have  immediate,  full-time 
opportunities  for  both  entry-level  and  experienced 
Software  Engineers,  Consultants,  Programmers, 
Programmer/Analysts,  Project  Leaders,  Project 
Managers,  Supervisors,  Database  Administrators, 
Computer  Personnel  Managers  and  Computer 
Operations  Managers  with  any  of  the  following  skills: 

Mainframe 

•  IMS  DB/DC  or  DB2, 

MVS/ESA  COBOL,  CICS 

•  Focus,  IDMS  or  SAS 

Mid  Range 

•  U6000 

DBA 

•  Oracle  or  Sybase 

Client/Server 

•  Informix,  C  or  UNIX 

•  Oracle  Developer  or 
Designer  2000 

•  JAVA,  HTML,  Active  X  or 
Web  Commerce 

•  SAP/R3,  ABAP/4  or 
FICO  or  MM  &  SD 

•  Lotus  Notes  Developer 

•  Oracle  Applications  & 

Tools 

•  UNIX  System 
Administrator 


1  UNISYS  A  -  Series  or 
UNISYS  2200 


AS/400,  RPG/400, 
Synon  or  COBOL 

DB2 


•  UNIX,  C,  C++,  Visual 
C++,  CORBA,  OOD  or 
OOPS 

•  LAN/WAN,  Novell  or 
WinNT 

•  Sybase,  Access  or 
PowerBuilder 

•  PeopleSoft 

•  SQL  Server  or  Visual 
Basic 

•  Baan 

•  IEF 


Technical  Recruiters 

•  Junior  and  Senior  positions  available 

Some  positions  require  a  Bachelor's  degree,  others  a 
Master's  degree.  We  also  except  the  equivalent  of  the 
degree  in  education  and  experience. 

With  Syntel  (NASDAQ:  SYNT),  you'll  enjoy  excellent  compen¬ 
sation,  full  benefits,  employee  stock  purchase  plan  and  more. 
Please  forward  your  resume  and  salary  requirements  to: 

Syntel,  Inc.,  Attn:  Recruiting  Manager-LDOI,  2800 
Livernois  Rd.,  Suite  400,  Troy,  Ml  48083.  Phone: 
248-619-2800;  Fax:  248-619-2888.  Equal 
Opportunity  Employer. 

SVISTWEL 

uvww.syntelinc.com 


Programmer 

Analyst 

Programmer  Analyst  who 
has  at  least  1  year  of  work 
experience  and  a  Bachelor's 
Degree.  Experience  with  one 
or  more  of  the  following; 
Oracle,  SQL,  PL/SQL, 
Developer  2000. 

Good  written  and  oral  com¬ 
munication  skills  required. 

Email  resumes 
gibsonle@cdm.com 


It’s  Fast.  It’s  Huge. 

It  Crosses  Worlds  &  Dimensions.  IT  CAREERS 


IT  CAREERS  IT  CAREERS 


Information  Technology 


r  H  t  BUSINESS  WOkLU 

THE  POWER  OF  PARTNERS. 

Information  Technology  is  evolving  at  an  incredible  speed.  Those  who  can't  keep  up 
will  be  left  behind  and  virtually  obsolete.  That's  where  RCG  Information  Technology 
comes  in.  Our  professionals  work  as  an  active  partner  with  business  and  IT  consultants 
alike.  We  put  as  much  importance  on  developing  those  relationships  as  we  do  on  finding 
solutions. 

As  a  $250  million  industry  leader,  we  are  able  to  provide  our  people  with  the  kind  of 
work  environment,  opportunities,  benefits,  growth  potential  and  progressive  training 
others  can't  match.  It's  time  to  become  more  than  just  an  employee,  become  a  partner. 
We  are  looking  for  IT  professionals  with  a  minimum  of  1+  years  experience,  for  the 
following  job  titles: 


•  PROGRAMMER/ANALYST 

•  SYSTEMS  ANALYST 

•  SYSTEMS  PROGRAMMER 

•  PROJECT  MANAGER 

•  DATABASE  ADMINISTRATOR 


•  DATABASE  ANALYST 

•  LAN  ADMINISTRATOR 

•  TESTING/QA  ANALYST 

•  WEB  DEVELOPER 


Our  skill  sets  include: 

•  CLIENT/SERVER  •  E-COMMERCE 

•  ERP  -  SAP,  PEOPLESOFT  •  MAINFRAME 

•  INTERNET  •  MID-RANGE,  AS/400 

For  consideration,  please  send  your  resume  to:  RCG  Information 
Technology;  Attn:  Jerry  Roper,  55  Broad  Street,  19th  Floor,  New 
York,  NY  10904;  Phone:  (800)  832-8766,  FAX:  (212)  547-2026 
or  Email  to:  jroper@rcgit.com  EOE. 


INFORMATION 


Visit  our  website  ah  www.rcgit.com 


TECHNOLOGY 


POSITIONS  NATIONWIDE 

JOBS:  Management  Consul¬ 
tants,  IT  Consultants,  IS 
Auditors,  ERP  Consultants, 
CIO’s,  CTO’s,  Etc. 

LEVELS:  All  Levels 
LOCATIONS:  Nationwide 

CLIENTS:  Consulting  Cos; 
CPA  Firms;  Cos.  In  Most 
Industries  (Including  Start-Ups) 

CONFIDENTIALITY:  Assured. 
PROCESS:  Send  Resume: 
EMAIL:  alliedsrch@aol.com 
FAX:  1-415-921-5309 

MAIL:  Allied  Search,  Inc.,  Box 
472410,  San  Francisco,  CA 
94147-2410,  Attn:  Don  May 


Systems  Specialist 

Research,  analyze,  design,  pro¬ 
gram  and  maintain  moderately 
complex  to  complex  mainframe 
Claims  and  Corporate  systems 
using  COBOL,  CICS,  VSAM, 
JCL,  SQL,  FOCUS,  Microsoft 
Access,  Lotus  1-2-3,  DB2  and 
TELON;  analyze  software  spec¬ 
ifications  and  determine  appli¬ 
cations’  requirements  and  con¬ 
straints;  utilizing  knowledge  of 
Claims  operations,  evaluate 
Claims  business  processes  and 
recommend/  design  new  sys¬ 
tems  solutions;  use  mathemati¬ 
cal  modeling  theory  and 
techniques  to  predict  outcome 
and  consequences  of  design; 
develop  systems  documenta¬ 
tion  and  user  guides;  provide 
technical  expertise  to  users  and 
development  team;  participate 
in  special  projects  as  required. 
Requirements;  B.S.  Computer 
Science  or  Mathematics  (or 
academic/experiential  equiva¬ 
lent)  and  2  years  of  experience 
as  Applications  Programmer  I 
or  Applications  Programmer 
I/Claims  Management 

Information.  Hours:  37 

1 /2/week.  Salary:  $50K/yr. 
Interested  applicants  apply  at 
your  nearest  Job  Service  office 
or  submit  resume  to:  Job 
Service,  500  W.  Trade  Street, 
Charlotte,  North  Carolina 
28202.  All  resumes  must 
include  a  Social  Security  num¬ 
ber  and  refer  to  Job  Order  # 
NC2623463  and  DOT  code 
030.062-010 


Senior  Analyst  - 
Emerging  Technologies 


Direct  &  perform  activities  related  to  the  access  & 
dissemination  of  electronically  managed  information 
among  company  business  units  &  product  groups,  vendors 
&  business  associates,  with  emphasis  on  the  leveraging  of 
new  &  emerging  communication  technologies. 

Duties  include:  serve  as  liaison  between  company  &  informa¬ 
tion  sharing  business  partners,  coordinating  information 
sharing  systems  development,  enhancement  &  problem 
resolution;  provide  direct,  ongoing  support  for  installed 
external  information  sharing  programs;  recommend  new  & 
enhanced  external  information  sharing  processes,  providing 
sufficient  technical  documentation  of  evaluations  &  recom¬ 
mendations  to  facilitate  system  development  &  installation; 
manage  development  &  implementation  of  approved  projects; 
provide  business  information  system  program  planning,  design 
&  analysis;  advise  executive  management  of  information 
sharing  opportunities;  coordinate  information  sharing, 
providing  uniform  approaches  to  system  architecture;  analyze 
proposed  projects  in  terms  of  cost/benefit  feasibility; 
document  potential  changes  to  operating  envelope;  maintain 
knowledge  of  business  practices  &  IS  technologies;  manage 
the  activities  of  systems  development  project  teams. 

Required:  B.S.  or  equivalent  in  Comp  Sci  or  related  and  I  yr 
exp  as  a  Systems  Analyst.  Send  resume  to:  Andrew 
Corporation,  10500  W.  153rd  St,  Orland  Park,  I L,  60462,  Attn: 
J.  Ceresa  or  e-mail  to  Janice.Ceresa@andrew.com  EOE 


ANDREW . 


PowerBuilder/ 

MS-SQL  Application  Developers 

INDEPENDENCE  INVESTMENT  ASSOCIATES,  a  Boston-area 
investment  firm  engaged  in  institutional  money  mangement,  has  an 
immediate  need  to  fill  a  range  of  PowerBuilder  /  MS-SQL  Application 
Developer  positions  relevant  to  our  business.  These  positions  will  be 
responsible  for  some  or  all  phases  of  customized  software  application 
development  in  support  of  the  Company's  investment  management- 
related  services. 

•  Education  required  is  a  Bachelor’s-level  degree  (or  equivalent)  in 
Computer  Science  or  similarly  relevant  field. 

•  Experience  required  is  three  (3)  to  eight  (8)  years  (depending  on 
level  of  position  sought)  involving  all  phases  of  structured  software 
application  development  and  support. 

•  Minimum  basic  skills  required  for  all  positions  is  the  demonstrated 
ability  to  utilize  PowerBuilder  and  Microsoft  SQL  Server  in  the  devel¬ 
opment  process. 

•  More  senior  level  positions  additionally  require  the  demonstrated 
ability  to  introduce  new  techniques,  technologies,  systems,  and  pro¬ 
ject  management  skills  to  the  application  development  process. 

•  Starting  salaries  range  from  $60,000  to  $125,000  per  year,  together 
with  fifteen  (15)  days  paid  vacation,  medical  and  life  insurances,  and 
other  industry-competitive  benefits. 

Respond  with  resume  only  to:  Ms.  Frances  Fitzgerald  Brian,  Senior 
Vice  President,  Systems  &  Operations,  Independence  Investment 
Associates,  Inc.,  53  State  Street,  Boston,  MA  02109,  An  EOE/MFHV 


(rrSISES&D 


East  it  CAREERS  IT  CAREERS 


CAREERS 


IT  CAREERS 


IT careers  and 
(Tcareers.com 
reach  more  than 
2/3  of  all  US  IT 
workers  every 
week.  If  you  need 
to  hire  top  talent, 
start  by  hiring  us. 

Cali  you  ITcareers 
Sales 

Representative  or 
Janis  Crowley  at 
1-800-762-2977. 


ITcareers 

where  the  best 
get  better 

IT  careers.com 


Principal  Software 
Engineer 

Design  and  develop  distrib¬ 
uted  computing  client/serv¬ 
er  based  applications  with¬ 
in  Windows  and  UNIX 
environments.  Design  and 
code  32-bit  Microsoft 
Windows-based  GUIs. 
Work  with  ODBC,  SQL, 
Triggers  and  stored  proce¬ 
dures  using  database  sys¬ 
tems.  Work  with  cross  plat¬ 
form  software  development 
on  Unix  platforms.  BS 
(comp  sci,  rel  field/equiv) 
and  5  yrs  exp.  (or  5  yrs  exp 
as  Software  Engineer).  40 
hrs/wk.  Send  resume  to 
Human  Resources 

Department,  Siva 

Consultancy  Services,  Inc., 
83  Second  Avenue, 
Burlington,  MA  01803. 


Programmer  Analyst  (multiple 
openings)  to  plan,  develop,  test 
&  document  computer  pro¬ 
grams;  &  use  1  or  more  of  the 
following:  Visual  Basic,  MS 
Access,  Windows  NT  &/or 
Windows  95;  Reqs.  Bachelor’s 
in  Comp.  Sci.,  Systems 
Analysis,  Comp.  Info.  Systems, 
Comp.  Engg.,  Electrical  or 
Electronic  Engg.  or  Math  or  its 
foreign  educ  equiv  plus  1  yr  exp 
in  job  offered  or  1  yr  related  exp 
as  Programmer,  Programmer 
Analyst,  Systems  Analyst, 
S/ware  Engr  or  Consultant; 
$56,500/yr,  40  hrs/wk,  8a-5p. 
Send  resume  or  CV  to  The 
Phila.  Job  Bank,  444  N.  3rd  St. 
-  3rd  FI.,  Phila,  PA  19123,  J.O. 
#1029273 


The  World  Of 
Work  Is  Changing 
Every  Week. 


Luckily,  We  Are 
Too! 

For  the  most  up  to  date 
opportunities  and  coverage, 
stay  tuned  in  with  us. 

ITcareers 

where  the  best  get  better 

ITcareers.com 


Database 

Administrator 

Participate  in  the  physical  and 
logical  database  design.  Install 
and  upgrade  ORACLE  RDBMS 
and  related  components.  Manage 
ORACLE  RDBMS  server  and  its 
objects;  monitor  database  growth 
and  disk  space  activities.  Provide 
uninterrupted  database  access  for 
the  mission  critical  enterprise 
application  with  Backup  and 
Recovery  Implementation. 

Maintain  security  for  ORACLE 
RDBMS,  configure,  tune  and 
optimize  database;  study  and  test 
new  software  releases  and  new 
product/tool  evaluations.  Develop 
system,  application  and  database 
wide  standards  and  policies. 
Responsible  for  application 
tuning,  data  modeling  and  data 
mapping.  Install,  maintain  and 
monitor  the  ORACLE  web  server 
and  monitor  the  web  server, 
administrative  logs  and  provide 
assessment  of  database  impact  and 
operational  support.  Knowledge  of 
Oracle,  SQL*DBA,  SQL'Plus, 
Exp/Imp,  PRO'C,  PL/SQL,  C, 
COBOL,  PowerBuilder,  Visual 
Basic,  UNIX,  Sun  Solaris,  HP-UX, 
DG/UX,  VAX/VMS,  Netware, 
Windows,  Sun  Sparc,  HP  9000, 

DG  Aviion,  and  IBM  PC.  M.S.  in 
Computer  Science  and 
1  year  experience  OR  1  year 
experience  as  a  Sr.  Software 
Engineer.  M-F,  9-5,  40  hrs/wk., 
$70,000  peryear.  Send  2 
resumes  to  Case  #19982994, 

P.0.  Box  8968,  Boston,  MA  02114. 


Systems  Analyst  to  analyze, 
design,  develop  and  implement 
System  Application  Product 
(SAP)  in  client  server  and  main¬ 
frame  environments  using 
Advanced  Business  Application 
Programming  (ABAP/4), 
Oracle,  Visual  Basic  and  object- 
oriented  programming  in  Unix 
environments;  Map  and  config¬ 
ure  requirements  and  re-engi- 
neer  business  process  to  SAP 
structure  using  EDI,  ALE,  BAPI, 
SAP  Script,  Screen  Painter  and 
SAP  Basis;  Develop  Internet 
Application  Components  (IAC) 
using  ABAP/4,  HTML  and 
Active-X  Controls,  Require: 
B.S.  degree  in  Computer 
Science,  Electronic  and 
Communication  Engineering,  or 
a  closely  related  field,  with  one 
year  of  experience  in  the  job. 
Extensive  travel  on  assign¬ 
ments  to  various  client  sites 
within  the  U.S.  is  required. 
Salary:  $60,000  per  year,  8:00 
am  to  5:00  pm,  M-F.  Send 
resume  to  Saravana 
Swaminathan,  President,  Excel 
Corp.  (Bellsoft),  3545  Cruse 
Road,  Suite  309-G, 
Lawrenceville,  GA  30044;  Attn: 
Job  KR. 


Networking  Engineer  (multiple 
openings)  to  design  &  imple¬ 
ment  wide  area  networks  using 
Cisco  routers  2000  &  4000 
series;  configure  firewall  & 
implement  network  security  & 
performance;  troubleshoot  net¬ 
work  related  problems  using 
Sniffer  &  LAN  analyzer;  config¬ 
ure  &  maintain  Windows  NT 
networks;  &  provide  technical 
solutions  for  messaging  opera¬ 
tions,  Reqs.  Bachelor’s  in 
Comp.  Sci.,  Systems  Analysis, 
Comp.  Info.  Systems,  Comp. 
Engg.,  Electrical  or  Electronic 
Engg.,  Electrical  &  Electronics 
Engg.  or  Math  or  its  foreign 
educ  equiv  plus  2  yrs  exp  in  job 
ottered  or  2  yrs  related  exp  as 
Programmer,  Programmer 
Analyst,  Systems  Analyst, 
Networking  Engr.,  S/ware  Engr. 
or  S/ware  Consultant; 
$60,550/yr,  40  hrs/wk,  8a-5p. 
Send  resume  or  CV  to  The 
Phila.  Job  Bank,  444  N.  3rd  St. 
-  3rd  FI.,  Phila,  PA  19123,  J.O. 
#5029177 


The  Computer  Consultants  USA, 
Inc.  needs  experienced  profession¬ 
als  in  the  following  positions: 

Sr.  Data  Architect  Analyst/ 
Administrator  to  design,  develop  & 
implement  logical,  physical  design 
&  reverse  engineering  using 
ERWin  logic  works, 

PowerDesigner/Designer2000. 
Create  &  manage  middleware 
using  Tuxedo  TP.  Excellent  ability 
to  create  &  maintain  MS  SQL 
Server,  Oracle  8i/80LTP,  OLAP,  hot 
standbys,  multiple  distributed  repli¬ 
cas  &  VLDB  on  AIX,  HP-UX, 
UnixWare,  NT,  SunOS/Soiaris. 
Korn,  C  shell  &  PERL  scripting  is  a 
must.  Exp.  in  backup/  restore  of 
critical  dbs  using  SQL  backtrack, 
ARC  Serve  &  Enterprise  backup 
utility.  Performance  monitoring  & 
tuning  using  tkprof ,  SQL  trace  facil¬ 
ity.  OEM,  Oracle  monitor  suite. 
Configure  &  maintain  networking, 
connection  pooling  &  multiplexing 
using  net8/sql'net  &  Oracle  con¬ 
nection  manager.  Web  experience 
in  Oracle  Web  application  server  & 
IIS4  and  programming  exp.  in  VB, 
C++  (OOP).  developer2000  is  pre¬ 
ferred;  MS  Comp  Sc  or  Elect.  Engg 
&  1+  yrs  hands-on  exp  required; 
$58, 000-65, 000/yr. 

Software  Engineers  (multiple 
openings)  with  expertise  in  bi-to- 
multi-directional  algorithms, 
Pattern  Recognition,  ATM  commu¬ 
nications,  Robotics.  OOAD,  Neural 
Network  model  &  Genetic 
Algorithm  applications.  Robotics, 
Data  Compression,  CORBA, 
Make,  OrbixWeh,  BEA  M3,  Java, 
Visual  Aged  &  Rumbaugh  notation, 
Lotus  Notes,  Unix  SMTP  or  D/nix, 
Oracle  Applications  10.7  NCA, 
Application  Object  Library  10.7  + 
Chain  Link  Object  Migrator,  C, 
Pro’C,  HTML,  Reflection,  FTP, 
Telnet,  ASP, Active  X  Controls, 
DHTML,  Prolog,  Smalltalk,  Visual 
Age  Smalltalk,  Visual  Works, 
Visual  Smalltalk,  Procedure 
Builder,  Min.  1  yr.  exp.  or 
equiv.  reqd.  $59,000-  70,000.00/yr. 
Software/Network  Engineers  (mul¬ 
tiple  openings)  with  skills  in  high¬ 
speed  data  network,  distributed 
computing,  WinNT  Servers  &  work¬ 
station,  DHCP,  DNS,  IIS,  J++, 
Lotus  Notes,  Linux,  TCP/IP, 
Arcserve,  Craft  Interface,  IPX/SPX, 
protocols,  Visio,  ProComm  Plus, 
Newbridge  Multiplexer  3645  High 
Capacity  Bandwidth  Manager, 
ACC  Amazon  Routers,  &  CCIVIIS. 
Min.  1  yr.  exp.  or  equiv,  reqd,  & 
$59, 000-65, 000/yr. 

Sr.  Systems  Analysts  (multiple 
openings)  with  expertise  in  MPE 
XL,  ALLBASE,  PRO-  C,  ICLM  K- 
1025,  UNIFY,  C,  NELCO  F-20, 
Bachman  XTRACT  Platinum 
Toolset,  BMC  Toolset,  VS- 
COBOLH,  COBOL370,  OS/JCL, 
PL/I,  IMS  DB/DC,  TSOfISPF,  PRO¬ 
EDIT,  Roscoe,  SQA  Manager,  SQA 
Comparators,  Mercury  Interactive 
Willrunner.  Min.  1  yr  exp.  or  equiv. 
reqd.  $58-65, 000/yr.  Fax  resume: 
(732)  438-8704  or  e-mail  to 
tvravi@tccusainc.com 


Sr.  Software 

Engineer/Systems  Architect; 

Design  and  implement  systems 
based  on  Business  Process 
Analysis  and  client  require¬ 
ments.  Conduct  joint  applica¬ 
tion  development  session  to 
gather  requirements  based  on 
business  requirements  and  sys¬ 
tem  architecture.  Deliver  high 
level  design  document. 
Architect,  develop  and  imple¬ 
ment  all  phases  of  an  applica¬ 
tion.  Install  and  implement 
application  at  client  site. 
Knowledge  of:  Microsoft  Visual 
Basic,  VBScript,  Access,  Visual 
C++,  UNIX  Bourne  Shell, 
HTML,  FoxPro,  Dbase, 
Assembly  and  PowerBuilder. 
A.S.  or  Foreign  Equivalent  in 
Computer  Sci./Eng.  and  2  yrs. 
exp.  OR  2  yrs.  exp.  as  a 
Software  Eng.  M-F,  9-5,  40 
hrs/wk.,  $68,000  per  year. 

Send  2  resumes  to 
Case  #  19982891, 

P.O.  Box  8968, 

Boston,  MA  02114. 


Hexaware  Technologies,  Inc.  is  a  high-growth  multinational  IT  services  firm. 

A  Deloitte  &  Touche  study  identified  Hexaware  as  one  of  the  500  fastest 
growing  technology  companies  in  the  United  States  and  the  1 6th  fastest 
growing  IT  company  in  New  Jersey.  Hexaware  is  one  of  36  companies 
worldwide  to  achieve  the  SEI  CMM  Level  4  -  a  high  quality  designation. 

We  need  software  engineers/project  leaders  with  a  minimum  of  4  years 
of  overall  experience  and  at  least  I  year  in  the  core  skill  areas  listed. 

Java,  JDK,  Servlets,  SWING,  Websphere,  Weblogic 

▲ 

XML,  DHTML,  HTML,  Frontpage,  Coldfusion,  Broadvision 
Unix,  C,  C++,  Perl/CGI,  Corba,  EJB 
Visual  Basic,  ASP,  ActiveX,  COM,  DCOM,  MTS,  MSS 

MQSeries,  Tuxedo,  VITRIA,  NEON,  MSMQ 

▲ 

System  level  programming  with  Unix/NT  internals,  C,  C++ 

[  in  addition,  experience  in  Finance  and  Insurance  sectors  is  desirable,  j 

Multiple  positions  open  countrywide,  should  be  willing  to  relocate. 

We  offer  an  excellent  compensation  package  and  comprehensive 
benefits.  If  you  have  what  it  takes,  please 
send  your  resume  to:  The  Recruiter, 

Hexaware  Technologies  Inc. 

5  Independence  Way, 

Princeton,  New  Jersey  08540 
Fax:  801-469-5908 

E-mail:  careers@hexaware.com  TECHNOLOGIES,  INC 


Hexaware 


Software  Engineer 

(Altamonte  Springs,  FL). 
S/w  devel.  (90%  of  time):  X 
Window  servers  &  X 
Window  apps;  porting 
XII R6  &  other  X  Window 
ports  to  newer  products 
while  working  on  X 
Recorder;  writing  X 
Window  server  code,  X 
Window  app.  programs  & 
UNIX  shell  installation 
scripts  for  new  s/w  releas¬ 
es.  Sys  admin  (10%);  han¬ 
dle  backups,  maintain  user 
accounts,  install  s/w, 
respond  to  user  probs, 
both  on  UNIX  machines  & 
PCs,  &  perform  tech  sup¬ 
port  duties  when  need  aris¬ 
es.  M.S.  in  EE,  Comp.  Sci., 
or  sim,  &  have  4  mos  exp 
in,  or  have  completed  1 
university-level  course  in 
(or  a  major  academic  pro¬ 
ject  requiring  extensive  use 
of)  each  of:  C,  UNIX,  shell 
scripts,  X  server  &  Xlib, 
UNIX  networking,  2D  &  3D 
computer  graphics,  digtal  & 
analog  electronics, 

Assembly,  &  Forth  code. 
Excellent  communication 
skills  req’d  $45,000/yr. 
40hrs/wk,  9am-5pm. 

Send  resume  to  Dept,  of 
Labor/Bureau  of  Workforce 
Program  Support,  P.O.  Box 
10869,  Tallahassee,  FL  32302- 
0869. 

Refer  to  J.O.#FL-2027064, 
DOT  Code  030.062-010. 

SENIOR  SOFTWARE 

ENGINEER 

to  provide  on-site  software 
consultancy  to  analyze, 
design,  develop,  test, 
implement  and  support 
business  application  soft¬ 
ware  using  Open  VMS  7.1, 
HP-UX  9.0,  DCL,  UNIX 
Shell  Scripts,  DECFORMS 
2.2,  CMS,  MMS,  Oracle 
8.0.5,  Sybase  System  10, 
C,  Pro*C  with  Efmbedded 
SQL,  SQLPLUS,  PL7SQL 
2.0  in  DEC-Alpha  Server 
and  HP  Server  environ¬ 
ments;  design  and  develop 
real-time  application  using 
Open-VMS,  C  and  Oracle 
8.0.5;  conduct  software 
quality  testing.  Require; 
M.S.  in  Computer 

Science/Mathematics(or 
equivalent)  and  two  years 
experience  in  the  job 
offered  or  as  Programmer/ 
Analyst  or  any  experience 
providing  the  above 
described  skills  (B.S.  or 
equivalent  with  five  years 
progressively  responsible 
experience  may  be  substi¬ 
tuted  for  M.S.  degree). 
40%  travel  required  to 
client  sites.  Salary: 

$65,000  per  year,  8:30  am 
to  5:00  pm,  M-F.  Mail 
resume  to  President, 
YASH  Technologies,  Inc., 
2100  Parklake  Drive,  NE, 
Suite  F,  Atlanta,  GA  30345- 
2167. 

Software  Engineer  to  design, 
develop,  test  implement  and 

maintain  Advanced  Business 
Application  Program  (ABAP) 
interfaces  and  conversions  in  a 
client/server  environment  using 
ABAP,  Oracle,  PROGRESS, 
DBase  and  object  oriented  pro¬ 
gramming  under  Unix,  OSF/1, 
AIX  and  Windows  NT  operating 
systems;  Map  and  configure 
requirements  to  SAP  in  data 
processing  and  re-engineer  to 
SAP  organizational  structures 
using  ABAP/4  Workbench,  SAP 
script,  Screen  Painter,  Menu 
Painter,  EDI,  ALE,  data  conver¬ 
sion  and  BASIS  with  program¬ 
ming  languages  such  as  ABAP, 
C,  C++,  CICS,  MVS/ESA,  JCL, 
DB6,  PROGRESS,  Foxbase, 
Pascal,  Clipper  and  Shell  in 

client/server  environment. 

Require:  M.S.  degree  in 
Computer  Science,  or  a  closely 
related  fieid,  with  one  year  of 
experience  in  the  job  ottered. 
Extensive  travel  on  assign¬ 
ments  to  various  clients  sites 

within  the  U.S.  is  required. 
Salary:  $65,000  per  year,  8:00 
am  to  5:00  pm,  M-F,  Send 

resume  to  Saravana 

Swaminathan,  President,  Excel 
Corp.  (Bellsoft),  3545  Cruse 
Road,  Suite  309-G, 

Lawrenceville,  GA  30044;  Attn: 

Job  JK. 

Sr.  S/W  Eng’r: 

Research  dsgn,  devl’p  &  test 
power  bill’g  sys.  applic’n  w/ 
SmallTalk,  Visual  Works  2.5  & 
GemStone  4.1  obj. -oriented 
reiat’n'l  db  engine;  Plan/direct 
sftwr  eng'r  to  devl’p/implem't 
OODB  applic’n  w/PowerBuilder, 
Power-Tool,  PowerFrame  & 
Oracle/Sybase  on  Unix/PC; 
Deploy  opt’z /  convert  db  server 
from  main'F  to  IDMS  Nwk; 
Implem’t  multi-platfm  client/ 
server  info  sys.  40h/w,  $74k/y, 
8-5,  MS  in  Comp.  Sci.,  4  yr  in 
s/w  posit’n  w/  SmallTalk  & 
Gemstone.  Resume  to  Bureau 
Wrkfc,  PO  Box  10869, 
Tallahassee, 

FL  32302  Re:  Job#FL-2028622 

Computer 

wEmmsmm 

Mini-Micro  Supply,  a  nation¬ 
wide  computer  distributor,  is 
seeking  a  Network  Engineer 
for  its  East  Coast  operations 
in  New  York  City.  Req. 
Bachelor's  in  Comp  Sci  or 
Engg  &  1  yr  exp  analyzing, 
dsgng  &  dvlpg  for  LANs  and 
WANs  under  TCP/IP  & 
dvlpg  program  using  C++. 
Response  to:  H.R.  Mini- 
Micro  Supply  Inc.  40-22 
College  Point  Blvd. 

Flushing,  NY  11354 

S/W  Consul't: 

Dsgn,  devl'p  &  maint’n  military 
invent’y  mgt  sys.  w/ 

Powerbuilder  5/6  (PB)  &  MS 
SOL  Server  6/Sybase  Sys  11  in 
client/server;  Provide  PB  train’g 
monitor’g  &  co-devlp’t  for 
clients;  Adm.  sys.  applic'ns  w / 
Sybase  11  on  Novell  Netware 
4.1;  Work  alone  at  client 
site/lead  devlp’g  team  in-house 
to  dsgn  DB  models,  opt’z  db 
mgt  w/Sybase  &  train  users  on 
db  mgt.  40  h/w,  $50k/y,  8-5,  BS 
in  Electro.  Eng’g,  1  yr  in  job/3  yr 
in  s/w  posit'n  w  PB/ 
Sybase/SOL  Server.  Resume 
to  Bureau  Wrkfc,  PO  Box 
10869,  Tallahassee,  FL  32302. 
Re;  Job#FL-2029473 

ca 
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Talent  is 
the  fuel  of 
the  new 
economy. 


Fill  up 
with 

ITcareers. 


ITcareers  and 
ITcareers.com  can 
put  your  message 
in  front  of  2/3 
of  all  US  IT 
professionals.  If 
you  want  to  make 
hires,  make  your 
way  into  our 
pages. 

Call  Janis  Crowley 
at  1-800-762-2977 


ITcareers 

where  the  best 
get  better 


Programmer  Analyst  sought  to 
analyze,  design  and  program 
customized  software  that  pro¬ 
vides  functions  specific  to  state 
government  child  support  on 
IBM  mainframe  using  TELON, 
COBOL,  DB2  and  IMS.  Design 
and  program  software  to  pro¬ 
vide  computer-based  training 
and  multimedia  functions  using 
MULTIMEDIA  TOOLBOOK. 
Required:  Bachelors  degree  or 
equivalent  in  computer  science 
or  engineering  plus  three  years 
of  experience  in  the  job  offered. 
M-F,  8-5;  40hrs/wk.  Salary 
$37/hr.  Submit  two  copies  of 
resume  to:  Mike  Brooks  File 
#0101156;  DWE-ALC;  PO  Box 
7972,  Madison;  Wl  53707- 
7972.  Reference  file  #C101156. 


SAP  Software  Consultant-  40 
hrs/wk,:  8am.  -  5  pm.  Salary: 
$130,000.00.  Design,  cus¬ 
tomize  and  implement  SAP 
software  to  meet  client’s 
requirements  and/or  specifica¬ 
tions.  Create  and  write  pro¬ 
grams  to  accomplish  client's 
objectives.  Advise  and  provide 
support  to  client's  current  soft¬ 
ware  system  and  business 
processes.  Application  by 
Resume  only.  Bachelor’s 
Degree  in  Engineering, 
Mathematics,  or  Science 
required.  Mail  Resumes  To: 
ATTN:  Mr.  Jim  Shimanda/  Ms. 
Debbie  Owen,  Tower  2,  Suite 
400,  1515  Arapahoe  St., 

Denver.  CO  80202-2117.  Refer 
to  Job  Order  #  CO4643014. 


Baan  Software  Consultant-  40 
hrs/wk,:  8am.  -  5  pm.  Salary: 
$92,600.00.  Design,  implement 
and  customize  Baan  software. 
Review  clients'  existing  sys¬ 
tems  and  process  to  assess 
client's  needs  and  require¬ 
ments.  Understand  client's 
specifications  and  require¬ 
ments.  Application  by  Resume 
only.  Bachelor’s  Degree  in 
Engineering,  Mathematics,  or 
Science  required.  Mail 
Resumes  To:  ATTN:  Mr.  Jim 
Shimanda/Ms.  Debbie  Owen, 
Tower  2,  Suite  400,  1515 
Arapahoe  St.,  Denver,  CO 
80202-2117.  Refer  to  Job  Order 
#  CO4643014. 


Committed  to  Quality  and  the  People 
who  Provide  it.  Osage  is  a  technology 
solutions  company  growing  on  a 
national  scale,  pointed  toward  growth 
and  opportunity.  We  are  recruiting 
experienced  IT  Professionals  for  our 
Chicago  and  Phoenix  offices  with  at 
least  one  year  experience  in  the  fol¬ 
lowing  areas:  JAVA  Software 
Development:  Sun  Systems 

Engineering  -  Systems  Engineer 
position:  Network  Security:  Network 
Engineering:  E-Commerce  solutions. 
Our  associates  efforts  are  rewarded 
with  a  competitive  pay  structure,  a 
unique  bonus  program  and  stock 
options.  For  immediate  confidential 
consideration,  please  forward  your 
resume  with  compensation  expecta¬ 
tions  to:  Osage  Systems  Group,  Inc., 
Attn.  Michelle  Schnieders.  1661  E. 
Camelback  Rd.  Suite  245,  Phoenix, 
A Z  85016 


Employment  trends  in  E-commerce  &  E-business 
Watch  for  it  in  the  January  31,  2000  Issue 
Employers  -  For  advertising  information  call 
Janis  Crowley,  1-800-762-2977 

ITcareers 

where  the  best  get  better 


Systems  Analyst  (Development): 
Creates,  develops,  modifies,  and 
implements  various  relational 
database  software  for  implemen¬ 
tation  into  an  operating  system 
by  determining  the  appropriate 
integration  procedures  to  insure 
that  the  date  can  be  accessed 
both  locally  as  well  as  networked 
in  a  client/server  environment. 
Establishes  appropriate  system 
implementation  which  will  allow 
operating  systems  to  function  on 
the  Internet  by  developing  the 
appropriate  JAVA  language  and 
Internet  tools  for  appropriate 
integration  purposes.  Develops 
appropriate  graphic  user  inter¬ 
faces  using  C  or  FoxPro  lan¬ 
guage  for  the  creation  of  cus¬ 
tomized  modules  based  upon 
individual  needs  of  end  user 
including  the  development  of 
data  structures  within  system 
parameters  for  seamless  inte¬ 
gration  purposes.  Requires 
Master's  degree  in  Computer 
Science,  Education  to  include 
completion  of  a  project  in  the 
implementation  of  software  in  an 
internet  environment  using  JAVA 
and  one  project  using  FoxPro 
and  C  for  database  implementa¬ 
tion.  Hours:  8:00  a.m.  -  5:00 
p.m.  40  hours  per  week  at 
$45,400.00  per  year  salary.  Two 
copies  of  resume  to:  Mike 
Brooks,  File  #C100972,  DWE- 
ALC,  P.O.  Box  7972;  Madison, 
Wl  53707-7972. 


Manager  - 

Database  Administration. 

Oversee  dvlpmt,  organiza¬ 
tion,  &  tech  strategy  of  global 
d/base  envrmt;  lead  &  assist 
during  dsgn,  dvlpmt,  implmtn 
&  performance  &  tuning  of 
d/base  applies;  dvlp  &  moni¬ 
tor  DB2  stds  &  d/base  securi¬ 
ty;  oversee  backup  &  recov¬ 
ery  of  DBMS;  provide 
advanced  troubleshooting  & 
tech  systms  support  for 
DBMS;  recruit  &  train  DBA 
staff.  BS  in  Comp  Sci  or  relat¬ 
ed  field  or  equiv  edu  &  exp  + 
3yr  exp  in  job  offd  or  in  relat¬ 
ed  occupation  such  as 
D/Base  Admin  or  similar 
duties  under  different  job  title. 
5yr  exp  working  W/DB2  in 
DB2/OS390  envrmt  &  w/other 
DBMS  such  as  SQL  server  & 
Oracle;  IBM  mainframe 
envrmt  exp  using  JCL,  TSO, 
CICS,  SDSF;  exp  working  in 
C/S  envrmt  assessing  DBMS; 
exp  defining  &  implmtg  tech¬ 
nical  directions  in  a  comput¬ 
ing  envrmt.  $70K/yr.  40hr/wk. 
Must  have  proof  of  legal  auth 
to  work  in  US.  Send  your 
resume  to  IA  Workforce  Ctr, 
215  Keo  Way,  Des  Moines,  IA 
50309-1727.  Please  refer  to 
JO#  IA1100989.  Employer 
paid  ad. 


Senior  Programmer/Analyst 
sought  by  company  in  Denver, 
CO  specializing  in  business 
software  solutions  to  work  in 
Denver  &  other  unanticipated 
job  sites  in  the  US.  At  a  senior 
level,  engage  in  full-cycle  soft¬ 
ware  development.  Specifically, 
design  &  develop  client/server 
&  web-enabled  distribution  soft¬ 
ware  applications,  using  propri¬ 
etary  case  tools.  Analyze 
requirements.  Create  designs  & 
design  documentation.  Code, 
test,  &  de-bug  the  software 
applications.  Use  programming 
language  C  &  Java  Generators 
in  the  design  &  development 
process.  Requires  Bachelor's 
or  foreign  equivalent  in  comput¬ 
er  science  or  related 
field  (including  electrical  &  com¬ 
munication  engineering);  work¬ 
ing  knowledge  of  full  life-cycle 
software  development,  case 
tools,  &  web-enabled  software 
applications.  8am-5pm,  M-F; 
$59, 600/year.  (2  openings.) 
Respond  to  James  Shimada, 
Colorado  Department  of  Labor 
&  Employment,  Employment  & 
Training  Division,  Tower  II, 
#400,  1515  Arapahoe,  Denver, 
CO  80202,  &  refer  to  Job  Order 
#C04644365 


Powe 


Careers  a  2o- 
Lanfe  Corporal! 

Get  your  groove  on  with  a  company  that  really  knows  how  to  shake  things  up.  At  Lante  Corporation  our 
free-spirited  attitude  and  cutting-edge  technologists  let  us  build  innovative  .com  businesses  that 
unleash  e-markets. 


i 

' 

I 


i 


In  this  new  generation  of  smashing  commerce,  we’ve  been  a  swinging  player  since  1984.  If  you  want  to 
be  part  of  the  A  list,  the  who’s  who  in  the  e-world,  check  out  our: 


TECHNOLOGISTS  VIRTUAL  JOB 
www.lante-ecareers.com 


January  9th  -  January  1 


Register  on-line  to  WIN  A  Fab,  PsycheDELLic  COMPirith 


■ 

i 


We  seek  people  with  a  Bachelor's  degree  and  5-10  years  of  proven  industry  experience  for: 

•  Principals  •  Architects 

•  Creative  Directors  •  Project  Leaders 

Pros  who  possess  a  Bachelor's  degree  and  1-4  years  experience  are  also  needed  as: 

•  Strategists  •  Sr.  e-Developers 

•  Sr.  e-Designers  •  Sr.  Consultants 

To  learn  more  about  these  mission  critical  positions  and  the  benefits  of  a  career  with  Lante,  Visit  our 
Technologists  Virtual  Job  Fair  today  at:  www.lante-ecareers.com 

Inquiries  are  also  welcome  via: 
e-mail:  ecareers@lante.com 
Fax:  1-972-774-4493 
Phone:  1-972-774-4490 

ask  for  David  Wolchansky 

These  positions  are  based  in  Austin,  and  relocation  assistance  is  available  to  qualified  candidates. 
Positions  are  also  available  at  our  other  branch  offices.  For  a  complete  listing  of  current  opportunities, 
visit  us  at:  www.lante.com 
an  equal  opportunity  employer  m/f/d/v 


Lante 


High-Impact 

.confBusiness  Builders 


Programmer/Analyst  sought  by 
company  in  Denver,  CO  spe¬ 
cializing  in  business  software 
solutions.  Under  close  supervi¬ 
sion,  engage  in  moderately 
complex  tasks  regarding  the 
design  &  development  of  cus¬ 
tomer  relationship  management 
software  applications  that  inter¬ 
face  with  a  variety  of  relational 
database  management  sys¬ 
tems.  Analyze  requirements. 
Create  designs  &  design  docu¬ 
mentation.  Code,  test,  &  de-bug 
the  software  applications.  Use 
proprietary  CASE  tools  &  pro¬ 
gramming  language  C  in  the 
design  &  development  process. 
Requires  Bachelor’s  in  comput- 
er  science,  computer  informa¬ 
tion  systems  or  related  field;  1 
year  exp.  designings  develop¬ 
ing  customer  relationship  man¬ 
agement  software  that  access¬ 
es  relational  database  manage¬ 
ment  systems  using  CASE 
tools  S  one  year  experience 
using  programming  languages 
C.  8am-5pm,  M-F;  $49,500/ 
year.(2  openings.)  Respond  by 
resume  to  James  Shimada, 
Colorado  Department  of  Labor 
S  Employment,  Employment  S 
Training  Division,  Tower  II, 
#400,  1515  Arapahoe,  Denver. 
CO  80202,  S  refer  to  Job  Order 
#C04644384. 


Financial  Software  Analyst 
sought  by  software  consulting 
service  in  Westminster,  CO  to 
work  in  Westminster  &  other 
unanticipated  job  sites  in  the 
U.S.,  to  provide  quality  assur¬ 
ance  for  financial  &  accounting 
software  systems.  Develop  test 
plans,  test  scripts.  &  implement 
&  verify  test  results.  Analyze 
software  systems  to  ensure  that 
they  are  consistent  with  gener¬ 
ally  accepted  accounting  princi¬ 
ples  &  with  client  needs.  Test 
software  systems  on  UNIX  & 
Windows  NT  operating  sys¬ 
tems,  &  on  client/server  archi¬ 
tecture.  Work  with  Oracle  & 
Microsoft  Access  databases, 
using  Visual  Basic  &  Oracle 
Developer  2000  programming 
languages,  &  SQA  Suites. 
Requires  Master's  in 
Accounting  or  related  field; 
working  knowledge  of  Visual 
Basic  &  Oracle  Developer  2000 
programming  languages,  UNIX 
operating  systems,  &  SQA 
Suite.  Working  knowledge  of 
providing  quality  assurance  for 
accounting  &/or  financial  soft¬ 
ware  systems.  $59,700/yr;  M-F; 
8am-5pm.  (2  openings) 
Respond  by  resume  to  James 
Shimada,  CO  Department  of 
Labor  &  Employment,  Tower  II, 
#400,  1515  Arapahoe  St., 

Denver,  CO  80202,  &  refer  to 
Job  Order  No.  C04644248. 


Software  Engineer 

(Lafayette,  CO)  -  Bachelor's 
degree  or  equivalent  foreign 
degree  in  Physics  or 
Computer  Science.  1  yr.  exp. 
in  job  offered.  The  following 
duties  are  performed  under 
supervision  and  are  closely 
monitored.  Analyze  user 
requirements  for  software 
development.  Design  and 
develop  software  solutions  for 
laser  engraving,  cutting  and 
welding  systems.  Utilize 
physics  based  methodologies 
including  formulas  and  theo¬ 
retical  calculations  to  design 
laser  machines.  Construct 
and  debug  computer  pro¬ 
grams.  Integrate  and  test  soft¬ 
ware  modules.  Develop  busi¬ 
ness  solution  and  prototype 
for  laser  machines.  Visual 
C++,  C++,  Assembler  and 
Pascal.  Evaluate  interface 
between  hardware  and  soft¬ 
ware.  40  hr.  wk.  Salary  48,21 5 
per  year.  Application  by 
resume  ONLY  to  Colorado 
Department  of  Labor  & 
Employment,  Attn.:  Jim 
Shimada,  Office  of 
Employment  Programs,  Two 
Park  Central,  Suite  400,  1515 
Arapahoe  Street,  Denver, 
Colorado  80202-2117,  and 
refer  to  Job  Order  Number  CO 
C04644354.  NO  PHONE 
CALLS  PLEASE.  Must  have 
proof  of  legal  authority  to  work 
in  the  US. 


WWW.ITCAREERS.COM 


Sr.  Software  Engineer  sought 
by  software  development  com¬ 
pany  in  Denver,  CO,  to  work  in 
Denver  &  other  unanticipated 
job  sites  in  the  U.S.,  to,  at  a 
senior  level,  design  &  develop 
client/server,  multi-tier,  &  web- 
based  software  applications 
that  incorporate  Tuxedo  middle¬ 
ware  &  ORACLE  relational 
database  management  sys¬ 
tems  &  are  platform  indepen¬ 
dent.  Engage  in  writing  require¬ 
ments  documents  &  in  project 
scheduling.  Analyze  require¬ 
ments,  create  designs  &  design 
documentation,  code,  test,  & 
debug  the  software  applica¬ 
tions.  Use  the  Rational  Rose 
object-oriented  analysis  & 
design  methodology.  C,  C++,  & 
JAVA  programming  languages, 
embedded  SQL,  &  the  PERL 
scripting  language  in  the  design 
&  development  process. 
Provide  user  training  &  support 
as  necessary.  Provide  mentor¬ 
ing  to  other  software  develop¬ 
ers.  Requires  Bachelor's  or 
equivalent  (2  yrs  of  software 
development  experience),  or 
foreign  degree  equivalent.  4  yrs 
experience  designing  &  devel¬ 
oping  client/server  software 
applications  using  embedded 
SQL  &  programming  language 
C.  Working  knowledge  of  PERL 
scripting  language.  $82,500/yr; 
M-F;  8am-5pm.  (2  openings) 
Respond  by  resume  to  James 
Shimada,  CO  Department  of 
Labor  &  Employment,  Tower  II, 
#400,  1515  Arapahoe  St., 
Denver,  CO  80202,  &  refer  to 
Job  Order  No.  CO4644250. 
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From  scratch 

continued  from  page  1 

1:  Preheat  the  desktops 

Companies  usually  start  off 
with  Enhanced  Category-5,  or 
Cat-5E,  wiring  to  the  desktop.  In 
past  years,  Category-5  has  been 
the  standard,  serving  well  in 
carrying  traffic  up  to  100M 
bit/sec.  But  users  are  looking  to 
the  future. 

“We’re  wiring  for  growth,” 
says  Dave  Orifice,  supervisor  of 
network  operations  at  Banyan 
Worldwide  Services,  a  consult¬ 
ing  division  of  Banyan  World¬ 
wide  in  Westborough,  Mass. 

Although  Gigabit  Ethernet  is 
supposed  to  run  over  ordinary 
Cat-5,  Cat-5E  ensures  that 
Gigabit  Ethernet  over  copper 
will  work.  Orifice  says  the  com- 


Arbella  Insurances  Reppucci 
put  a  premium  on  port  density  of 
Ethernet  switches. 


pany  has  no  definite  plans  to 
run  Gigabit  Ethernet  to  the 
desktop,  “but  if  the  technology 
goes  that  far  without  getting  too 
expensive,  we’re  ready.” 

Few  would  dispute  the  asser¬ 
tion  that  any  new  network 
interface  cards  for  the  desktops 
should  be  10/100M  bit/sec 
Ethernet  NICs.At  one  extreme, 
gigabit  rates  to  the  desktop 
would  be  extravagant.  At  the 
other,  10/100M  bit/sec  NICs  are 
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How  typical 

Here's  what  a  typical,  new  campus  network  might  look  like. 

O  Router  is  used  mainly  for  WAN  connections. 
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Gigabit  Ethernet 

Q  Layer  3  switches  are  at 
the  network's  core  and 
Gigabit  Ethernet  links  are 
throughout  the  backbone. 
Switches  are  likely  to  be 
voice-ready  for  future 
packet  voice  installations. 


Q  Servers  can  be 
connected  directly 
m  to  a  Layer  2  or 
Layer  3  switch. 
Switches  may  also 
have  load-balancing 
features. 
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as  inexpensive  as  10M  bit/sec- 
only  NICs  ever  were.  As  for  LAN 
technologies  other  than 
Ethernet,  they  are  rarely  even 
considered  for  new  networks 
these  days. 

2:  Combine  in  a  large  closet 

Desktops  usually  plug  in  to 
a  10/100M  bit/sec  Ethernet 
desktop  switch  in  the  wiring 
closet.  Here,  port  density  is  a 
big  consideration. 

This  was  foremost  on  John 
Reppucci’s  mind  when  he  in¬ 
stalled  a  new  network  for  his 
company,  Arbella  Insurance.  He 
used  Extreme  Networks’  Sum- 
mit48  desktop  switches,  each 
of  which  has  48  ports  of  10/ 
100M  bit/sec  Ethernet  in  a 
fixed  configuration. 

All  the  1,400  desktops  are 
now  capable  of  getting  100M 
bit/sec  of  switched  bandwidth, 
a  drastic  upgrade  from  the 
decade-old  10M  bit/sec  shared 
hubs  the  company  replaced. 

But  in  the  wiring  closet,  it’s 
possible  to  have  too  much 
bandwidth.“We  made  access  for 
end  users  so  quick,  we  started 
overrunning  the  servers,”  says 
Reppucci,  Arbella’s  datacom 
supervisor.  “Now,  we’re  looking 
at  Gigabit  Ethernet  to  the 
servers.” 

Many  times,  companies  will 
choose  low-cost  stackable 
switches  for  the  closet,  but 
not  always.  Suffolk  University 
recently  put  in  a  new  building 
for  its  law  school  and  used 
3Com’s  chassis-based  Core- 
Builder  9000.  The  switch  is  a 
high-end  model  often  used  in 
network  backbones. 

“It  sounds  crazy,  but  with  the 
density  requirements  of  our 
users,  we  couldn’t  do  it  with 
stackables,”  says  Fuad  Yatim, 
director  of  network  services  at 
the  school.  The  CoreBuilder 
9000  can  hold  more  than  500 
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Fast  Ethernet  ports. 

2a:  Add  a  little  wireless  to 
taste 

The  bandwidth  and  stability 
of  wireless  LAN  technology  are 
getting  to  the  point  where 
many  more  businesses  are  con¬ 
sidering  it,  mainly  for  the  free¬ 
dom  it  gives  employees  to 
move  around  a  building  or  cam¬ 
pus  with  their  laptops. 

Start-up  PurchasePro.com  is 
quickly  building  out  its  net  and 
evaluating  11M  bit/sec  wireless 
products  for  its  sales  force,  says 
Brandon  Mikkelsen,  a  network 
manager  there.  “They  are  a 
migratory  type  of  employee,”  he 
says  of  salespeople. 

If  different  offices  have  the 
same  type  of  access  points, 
salespeople  can  go  to  those 
offices  and  be  automatically 
connected  to  the  network, 
Mikkelsen  says. 

3:  Mix  with  the  backbone, 
and  connections  to  a  WAN 

From  the  wiring  closet,  new 
networks  often  run  Gigabit 
Ethernet  over  fiber-optic  lines 
to  connect  to  a  mesh  of  Layer  3 
switches  interconnected  by 
even  more  Gigabit  Ethernet. 
Traditional  routers  can’t  handle 
the  speeds  or  hit  the  low  price 
points  of  Layer  3  switches. 
Further  obviating  the  need  for 
traditional  routers  is  the  fact 
that  builders  of  new  networks 
limit  their  protocols  to  IP 

In  a  small  network,  Layer  3 
may  not  be  necessary.  Mikkel¬ 
sen  says  he’s  planning  to  keep 
his  network  of  1,500  nodes  flat 
(that  is,  free  of  subnet  bound¬ 
aries)  and  switched.  He  adds 
that  he  has  the  option  to  put 
Layer  3  capabilities  into  his 
Foundry  Networks  switches  at 
a  later  time,  if  the  flat  network 
gets  unwieldy. 

Many  users  aren’t  hesitant  to 
put  Layer  3  switches  from  a 
smaller  vendor,  such  as  Extreme 
or  Foundry,  into  a  new  network. 
Although  router  king  Cisco  can 
provide  all  the  elements  of  a 
campus  network,  including 
Layer  3  switches,  a  spokesman 
couldn’t  name  any  enterprise 
customers  that  had  installed 
new  networks  with  Cisco 
equipment. 

However,  Cisco  routers 
would  fit  into  a  network  for 
wide-area  connections,  says 
Dave  Passmore,  research  direc¬ 
tor  at  consulting  firm  Net- 
Reference.  Layer  3  switches 
usually  don’t  have  WAN  con¬ 
nections,  so  a  traditional  router 
would  connect  to  the  campus 
backbone  and  be  used  to  trans¬ 
mit  data  over  frame  relay  or 


ATM,  he  says. 

Toysmart.com  uses  a  Cisco 
router  to  moderate  connections 
between  the  WAN  and  its 
Cabletron  Layer  3  switches  in 
the  backbone,  says  Jim  Hutchin¬ 
son,  manager  of  network  opera¬ 
tions  there.  Over  the  WAN  are 
the  company’s  Web  site  and 
back-end  fulfillment  operations. 

3a:  Leave  the  door  open  for 
voice 

There’s  a  lot  of  hype  about 
voice-data  convergence,  and 
while  many  users  don’t  run 
voice  on  their  data  networks 
today,  they  are  leaving  room  for 
it  in  the  future. They  are  making 
sure  their  campus  switches 
support  the  IEEE  802. Ip  priori¬ 
tization  bits  that  would  be 
required  for  it  to  work. 

Companies  already  used  to 
traditional  phone  systems 
aren’t  rushing  to  put  Ethernet 
phones  on  their  desks.  “Most 
people  are  assuming  their  PBX 
is  going  to  be  around  for  a  few 
years,”  Passmore  says. 

On  the  other  hand,  some 
companies  —  including  new 
companies  that  have  never 
owned  traditional  PBXs  —  are 
looking  to  take  the  plunge  into 
convergence  very  soon.  “Voice 
over  IP  is  definitely  going  to  be 
implemented  this  year,”  says 
toysmart. corn’s  Hutchinson.The 
company  is  even  looking  at 
videoconferencing  as  a  possibil¬ 
ity  between  the  headquarters 


and  the  fulfillment  center, 
which  are  30  miles  apart. 

4:  Garnish  with  the  servers, 
and  serve 

The  servers  can  be  con¬ 
nected  to  the  network  in  sev¬ 
eral  different  ways. 

Hutchinson  connects  some 
servers  directly  to  his  Layer  3 
switches  in  the  backbone, 
while  some  connect  through 
an  intermediate  Fast  Ethernet 
switch  that  has  a  gigabit  uplink 
to  a  Layer  3  switch. 

Load-balancing  server 
switches  are  another  option, 
but  they  are  catching  on  more 
in  Web  server  farms.  “So  far, 
we’ve  only  put  the  [server] 
switches  on  servers  facing  the 
Internet,”  says  Marc  Felton,  a 
network  engineer  at  NBC  Inter¬ 
net,  formerly  Xoom.com.  Such 
switches  are  used  to  handle 
large  volumes  of  traffic  and  pro¬ 
tect  against  failures.  “None  of 
our  internal  stuff  requires  we 
have  absolutely  zero  downtime." 

Whatever  type  of  switch  is 
used,  network  managers  say 
they  prefer  to  connect  servers 
at  the  next  speed  up  from  the 
desktops. 

While  all  this  may  not  add 
up  to  the  dream  network  for 
all,  it’s  the  one  people  are 
implementing  today  to  take 
them  through  the  early  2000s. 
“We  feel  it’s  a  good  foundation 
for  at  least  the  next  five  years,” 
Reppucci  says.  Ql 
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The  deep  dark  truth  about  Y2K 


MARK 

GIBBS 


o,Y2K  arrived  without  problems, 
eh?  Well  that’s  what  they  want 
you  to  think,  but  here  at  the  Gibbs 
Institute  of  Countermeasures  and 
Propaganda,  we  know  the  truth. 

Tire  truth  is  simple;Y2K  was  a 
disaster. A  real,  bona  fide  end  of 
the  world  as  we  know’  it. There 
were  numerous  nuclear  melt¬ 
downs,  the  banking  system  went 
to  hell,  and  the  power,  water  and 
telephones  failed  over  much  of 
the  country. 

“Why,”  you  may  well  be  asking, 
“didn’t  I  notice?” 

A  fine  question. The  answer  is 
simple:  It’s  a  government  cover- 
up!  That's  right,  somewhere  under 
the  Rockies  the  government  has 
acres  of  enormous  computers  sim¬ 
ulating  the  stock  market,  generat¬ 
ing  artificial  news  and  generally 
faking  it. 

That  telephone 
call  you  had  yester¬ 
day  from  your 
incredibly  irritating 
aunt  in  Huntersville, 
N.C.?  That  wasn’t 
her,  she  was  zapped 
out  of  existence 
when  the  security 
system  at  Duke 
Power  Company’s 
McGuire  plant 
decided  that,  as  it 
was  the  start  of  the 
20th  century,  all  worker  IDs  must 
be  fake  and  promptly  sealed  off 
the  reactor  room  to  stave  off  ter¬ 
rorist  incursion. 

Alas,  when  the  thermic  lance 
cut  through  the  doors  the  emer¬ 
gency  crew  was  just  in  time  to 
see  the  reactor  vessel  collapse  as 
the  core  headed  toward  China. 
That  was  nothing  compared  with 
the  explosion  that  followed 
which  sent  your  aunt  to  join  the 
choir  invisible. 

Who  called  you  then?  Why, 
those  computers  under  the 
Rockies. They’ve  been  monitoring 
your  calls  for  years,  and  they 
knew  it  was  time  for  you  to  be 
irritated  by  her  again. 

Don’t  believe  me?  Call  her  up. 
Listen  carefully.  Does  that  line 
sound  tinny?  Does  she  sound 
rather  odd?  Could  that  be  because 
you’re  the  last  person  she  expect¬ 
ed  to  call  her  or  because  she’s 
artificial?  You  decide. 

And  why  isn’t  the  Internet  a- 


buzz  with  rumor  and  specula¬ 
tion?  Well,  actually  it  is.  It  is  just 
that  the  government  is  filtering 
everything  you  —  yes,  you  per¬ 
sonally  —  get  from  the  ’Net.  And 
the  same  applies  to  all  the  people 
you  actually  physically  see.  You 
are  all  being  manipulated. 

The  deception  is  clever,  really 
clever.  You  know  all  that  spam  you 
receive?  Government-generated.  If 
it  had  just  stopped,  it  would  have 
been  a  dead  giveaway.  And  you 
know  what’s  worse?  The  whole 
spam  phenomenon  was  a  govern¬ 
ment  creation  from  the  very 
beginning! 

Just  think  about  it:The  govern¬ 
ment  knew  that  Y2K  hell  was 
going  to  break  loose  and  by  gener¬ 
ating  tons  of  spam,  and  for  that 
matter,  all  those  telephone  sales 
calls  that  happen  just  as  you  sit 
down  to  dinner,  they  created  a 
noise  background  that  could  be 
used  to  give  you  a  sense  of  conti¬ 
nuity  even  when  the  fabric  of  soci¬ 
ety  has  been,  in  reality,  torn  apart. 
As  indeed  it  has  been.  Clever. 

It  goes  further:  Anyone  who 
starts  to  speculate,  spread  rumors 
or  tell  the  truth  is  “isolated.”You’ve 
heard  of  the  black  helicopters? 
They  belong  to  the  UN,  which  is 
working  with  the  U.S.  government 
to  control  the  world  (you  didn’t 
know?  Sheesh.).  And  obviously  if 
the  U.S.  goes  to  hell,  there’s  not 
much  hope  for  the  new  world 
order.  Hence  the  big  coverup. 

And  more  than  that,  much  of 
what  you  think  is  the  govern¬ 
ment  is  artificial.  How  else  could 
you  explain  Bill  Clinton  or  A1 
Gore?  How  could  a  candidate 
such  as  George  W.  Bush  exist 
except  in  a  computer-generated 
simulation?  And  consider  that  Jeff 
Bezos  was  Time’s  Man  of  the 
Year.  See  what  I  mean? 

So,  there’s  not  much  time.Tell 
your  friends,  tell  your  neighbors. 
Don’t  call  anyone,  don’t  send 
e-mail,  you  have  no  idea  whether 
the  recipient  exists  or  is  just  com¬ 
puter-generated,  and  anyway,  those 
computers  won’t  let  you.  Hell,  you 
can’t  even  trust  this  column  —  I 
might  be  simulated. 

Must  go,  I  can  hear  a  helicopter 
outside. 

Suspicions  to  nwcolumn @ 
gibbs.com.  Use  a  carrier  pigeon. 


Chances  are  most  of  us  and/or  our 
loved  ones  will  work  from  home  at  some 
point  before  retirement  beckons.  After  all, 
remote  access  technologies  are  advancing  a 
whole  lot  faster  than  rush-hour  traffic. 

So  why  all  the  uproar  over  last  week's 
common-sense  decree  from  the  U.S.  Labor 
Department  regarding  employer  obligations 
to  telecommuting  employees? 

"Ensuring  safe  and  healthful  working  con¬ 
ditions  for  the  employee  should  be  a  precon¬ 
dition  for  any  home-based  work  assign¬ 
ments,"  read  a  letter  from  the  Labor 
Department's  Occupational  Safety  and 
Health  Administration  (OSHA). 

This  basic  notion  shouldn't  be  cause  for  alarm,  unless  you  happen  to 
be  a  sweatshop  owner  looking  to  save  on  rent  or  a  devout  libertarian. 
However,  the  airwaves  and  news  pages  were  awash  with  critics  last 
week  who  apparently  fear  an  invasion  of  OSHA  home  wreckers  that 
will  result  in  telecommuters  being  shackled  to  their  old  cubicles.  By 
week's  end,  a  chastened  OSHA  had  "withdrawn”  the  letter  and 
promised  to  rethink  things. 

Granted,  the  details  are  everything  here.  If  Washington  really  does 
want  to  dictate  decorating  schemes  or  ban  smoking  in  home  offices, 
then  I'll  be  the  first  to  grab  a  pitchfork  and  lead  the  revolt.  But  the  prin¬ 
ciple  here  seems  clear  enough:  An  employer  cannot  absolve  himself 
of  responsibility  for  the  work-related  safety  of  employees  simply  by 
telling  them  —  or  even  by  allowing  them  — -  to  work  from  home. 

A  personal  anecdote  to  illustrate  the  point:  For  several  months  last 
year  Buzz  suffered  elbow  pain  so  severe  that  typing,  Web  surfing  or  lift¬ 
ing  a  12-ounce  beertook  a  mighty  effort.  The  mouse  and  the  keyboard 
—  those  twin  terrors  of  modern  office  life  —  were  clearly  to  blame. 

After  four  visits  to  two  doctors,  eight  ineffective  physical  therapy 
sessions  and  one  miraculous  cortisone  shot,  the  pain  has  all  but  dis¬ 
appeared.  However,  the  bills  and  the  possibility  of  a  relapse  remain, 
which  is  why  my  employer  has  both  helped  me  file  a  worker's  compen¬ 
sation  claim  and  given  my  office  an  ergonomic  makeover,  including  a 
fancy  new  chair  that  does  everything  but  massage  my  lumbar. 

The  idea  that  Network  World  might  be  obligated  to  do  anything  less 
for  one  of  my  telecommuting  colleagues  strikes  me  as  difficult  to 
defend.  The  lines  between  central,  branch  and  home  offices  will  only 
get  blurrier.  Why  should  only  two  of  these  three  be  afforded  the  pro¬ 
tection  of  sensible  workplace  safety  regulation? 


Perhaps  you  shared  my  reaction  to  the  news  that  someone 
had  bid  $10  million  in  an  eBay  auction  to  acquire  the  domain  name 
Year2000.com:  Who  would  be  crazy  enough  to  pay  that  much  for  that 
name,  especially  since  we're  on  the  safe  side  of  the  Y2K  divide? 

In  retrospect,  the  answer  appears  to  be  no  one. 

Last  Wednesday,  the  keepers  of  www.year2000  —  computer  con¬ 
sultant  Peter  de  Jager  and  The  Tenagra  Corp.  —  acknowledged  the 
much-ballyhooed  $10  million  bid  had  been  bogus. 

"It  has  now  been  determined  that  all  the  bids  were  'not  sincere,"'  is 
how  the  situation  was  delicately  described  in  a  press  release.  The 
owners  will  forego  another  auction  in  favor  of  private  bids. 

Here's  hoping  they  do  find  a  sincere  buyer.  The  site  was  a  fabulous 
resource  and  de  Jager  has  more  than  earned  his  post-Y2K  parachute. 


PAUL 

MCNAMARA 


Repeat  after  me:  Free  means  no  strings  attached. 

Reports  last  week  touting  "free"  DSL  from  an  outfit  called  Broad¬ 
band  Digital  Group  highlighted  only  the  latest  misappropriation  of  an 
adjective  that  once  had  a  clear  meaning.  Like  others  of  its  ilk,  the  DSL 
offer  comes  dripping  with  ifs,  ands  and  strings,  starting  with  a  demand 
for  all  your  personal  data. 

Here's  an  idea:  Instead  of  describing  these  deals  as  free,  call  them 
barter-based  because  the  parties  are  actually  swapping  commodities. 

Sending  us  Internet  news  tips  and  gossip  really  is  free.  Try 
buzz@nww.com. 
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Is  the  router  on  the  left 
really  worth  twice  as  much 
as  the  one  on  the  right? 

You  decide. 
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With  the  escalating  cost  of  routing,  why  would  you  pay 
twice  as  much  for  one  router  over  another  when  they  both 
do  virtually  the  same  thing  for  your  network?  You  wouldn't. 

Introducing  the  Nortel  Networks™  Open  IP  Environment, 
a  new  world  routing  software  that  embeds  routing  and  other 
IP  functions  directly  into  a  variety  of  hardware  platforms 
and  operating  systems,  making  stand-alone,  data-access 
routers  an  old-world  commodity.  In  other  words,  we’re 
changing  the  economics  of  network-routing  technology 
by  driving  down  the  cost.  Which  is  why  we're  cutting  the 
price  of  our  data-access  routers  by  up  to  50  percent  below 
the  leading  competitor. 

You  see,  our  leading,  new  Open  IP  Environment  software 
makes  routing  universally  available.  Soon,  everything  from 
personal  appliances  to  processors  and  servers  will  be  Internet¬ 
routing  enabled  with  more  than  75  companies  already 
leveraging  Nortel  Networks'  Open  IP  technology. 

So  the  next  time  you're  ready  to  write  a  check  for 
data-access  routers,  you  might  want  to  ask 
yourself  this  simple  question:  Why  pay  more?  '  NCJRTEL 


Come  together,  right  now  with  Nortel 
Networks,  nortelnetworks.com 
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How  the  world  shares  ideas. 


Cost  comparison  is  based  on  end  user  suggested  list  pricing  of  the  Cisco  2611  access  router,  and  the  Nortel  Networks  ARN  router  with  common 
configurations.  Nortel  Networks,  the  Nortel  Networks  logo,  the  Globemark,  and  "How  the  world  shares  ideas"  are  trademarks  of  Nortel 
Networks.  ©1999  Nortel  Networks  All  rights  reserved. 


Yours  is  no  ordinary  business,  and  the  Summit7i™  is  no  ordinary  switch. 

It  combines  the  benefits  of  a  stackable  with  the  performance  and  density 
of  a  chassis  -  32  Gigabit  ports,  64  Gbps  capacity  and  48  million  pps 

throughput.  Which  ensures  wire-speed 
performance  and  resiliency  for  co-located 
servers.  Plus  prioritization  and  bandwidth 
control  for  ERP  and  e-commerce  traffic.  And 
it  runs  on  existing  Category  5  twisted-pair 
cabling,  but  the  most  astonishing  thing 
about  8ummit7i  is  the  incredibly  low  price  per  port.  It’ll  do  more  than  just 
turn  a  few  heads.  1'or  more  information,  call  us  or  visit  our  web  site. 
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